PHP regular expression to verify the legality of file paths and file names

When developing web projects, we often need to process uploaded files. When uploading files, the legality of the file path and file name must be verified. In PHP, you can use regular expressions to verify the file path and file name. This article will introduce how to use regular expressions to verify the legality of the file path and file name.

1. File path legality verification

The file path refers to the path description of the file in the computer file system. It can be an absolute path or a relative path. In PHP, a typical file path can look like this:

$filePath = "/home/user/project/files/test.txt";

The main purpose of file path legality verification is to ensure that the format of the file path is correct and that there are no illegal characters. The following is how to use regular expressions to verify file paths:

function validateFilePath($filePath) {
    $pattern = '/^([a-zA-Z]:)?(/[a-zA-Z0-9]+)+/?$/';
    return preg_match($pattern, $filePath);
}

The above function accepts a file path as a parameter and uses regular expressions for verification. The meaning of the regular expression is as follows:

• ^([a-zA-Z]:)?: represents an optional drive identifier, such as C:, D:, etc. .
• (/[a-zA-Z0-9] ) : Indicates the directory name, where "/" is the directory separator.
• /?$: Indicates the optional directory separator "/".

Use the above function to verify the file path and return a Boolean value. If the file path is legal, returns true; otherwise returns false.

2. File name legality verification

The file name refers to the name of the file in the computer file system. Except for special characters, the file name can contain any characters. In PHP, a typical file name can look like this:

$fileName = "test_file.jpg";

The main purpose of file name legality verification is to prevent malicious file name attacks and protect project security. The following is how to use regular expressions to verify file names:

function validateFileName($fileName) {
    $pattern = '/^[^-\:*?"<>|/]+$/';
    return preg_match($pattern, $fileName);
}

The above function accepts a file name parameter and uses regular expressions for verification. The meaning of the regular expression is as follows:

• ^[^- \:*?"<>|/] : Indicates that it does not contain control characters, delimiters and special characters Character file name.
• $: Indicates the end character.

Use the above function to verify the file name and return a Boolean value. If the file If the name is legal, it returns true; otherwise it returns false.

3. Comprehensive verification

In actual development, we usually need to comprehensively verify the file path and file name. The following is a regular rule Expression comprehensive verification function of file path and file name:

function validateFilePathAndName($filePath, $fileName) {
    $pattern = '/^([a-zA-Z]:)?(/[a-zA-Z0-9]+)+/?$/';
    if (!preg_match($pattern, $filePath)) {
        // 文件路径非法
        return false;
    }
    $pattern = '/^[^-\:*?"<>|/]+$/';
    if (!preg_match($pattern, $fileName)) {
        // 文件名非法
        return false;
    }
    return true;
}

The above function accepts file path and file name as parameters, and first uses regular expressions to verify the file path. If the file path is illegal, it returns false directly; otherwise Then use regular expressions to verify the file name. If the file name is illegal, return false; otherwise, return true, indicating that the file path and file name are legal.

In summary, use regular expressions to verify the file path and file The legality of names is an important security measure. In actual development, we need to master the grammatical rules of regular expressions and be good at using regular expressions for legality verification.

The above is the detailed content of PHP regular expression to verify the legality of file paths and file names. For more information, please follow other related articles on the PHP Chinese website!