All geek questions in one place

Validating sprintf format from regex input field

I have an input field where you can enter both plain text and sprintf tags.

Example: some text here. %1$s done %2$d times some text here. %1$s done %2$d times

How to check sprintf parts are correct so that they are not mistaken, for example %$1s ? The text is utf-8, and as far as I know, the regular expression matches only latin characters.

www.regular-expressions.info does not list /u anywhere, which I think is used to say that the string is unicode.

Is the best way to simply search the entire line of the input field for % or $ , and if found then apply a regular expression to test sprintf parts?

I think the regex will be: /%\d\$(s|d|u|f)/u

+3
source share
3 answers

This is what I came across, and his work.

 // Always use server validation even if you have JS validation if (!isset($_POST['input']) || empty($_POST['input'])) { // Do stuff } else { $matches = explode(' ',$_POST['input']); $validInput = true; foreach ($matches as $m) { // Check if a slice contains %$[number] as it indicates a sprintf format if (preg_match('/[%\d\$]+/',$m) > 0) { // Match found. Now check if its a valid sprintf format if ($validInput === false || preg_match('/^%(?:\d+\$)?[dfsu]$/u',$m)===0) { // no match found $validInput = false; break; // Invalid sprintf format found. Abort } } } if ($validInput === false) { // Do stuff when input is NOT valid } }

Thanks to Gumbo for the regex pattern that matches both the marker and without it.

Change I realized that the% search is incorrect, since nothing will be checked if it is forgotten / omitted. Above is the new code.

"$ validInput === false ||" may be omitted in the last if-statement, but I have included it for completeness.

0
source

I initially used the Gumbo regular expression to parse sprintf directives, but immediately ran into a problem when trying to parse something like% 1.2f. In the end, I went back to the PHP sprintf tutorial and wrote a regular expression according to its rules. I'm currently not a regular expression expert, so I'm not sure if this is the cleanest way to write it:

 /%(?:\d+\$)?[+-]?(?:[ 0]|'.{1})?-?\d*(?:\.\d+)?[bcdeEufFgGosxX]/

I used http://www.spaweditor.com/scripts/regex/index.php to test it, and I pretty much copied / pasted most of the example directives used in the sprintf manual and it parses as expected.

+5
source

The UTF-8 modifier is not needed if you are not using UTF-8 in your template. Also, sprintf format is more complex, try the following

 /%(?:\d+\$)?[dfsu]/

This will match the format %s and %1$s .

But if you want to check every occurrence of % and whether the correct sprintf() format should be used, regular expressions would not be a good choice. Sequential parser would be better.

+2
source

Source: https://habr.com/ru/post/912197/

More articles:


All Articles