PHP uses regular expressions to determine whether it is a number, PHP determines a number method

Home

Backend Development

PHP Tutorial

PHP uses regular expressions to determine whether it is a number, PHP determines a number method_PHP tutorial

WBOYWBOYWBOYWBOYWBOYWBOYWBOYWBOYWBOYWBOYWBOYWBOYWB

Jul 12, 2016 am 08:56 AM

numberregularregular expression

php uses regular expressions to determine whether it is a number, php determines a number

Two days ago, someone used php injection to submit flash game scores on a friend's website, and then I found the reason. It was found that one parameter was not judged numerically.

Originally, saving game scores is implemented in the form of game.php?ac=save&fgid=1. The fgid is called directly in the php web page without any filtering. Many people use fgid=1 to add a letter (fgid=1a) to achieve some illegal operations.

Suppose there is a game in the gamlist table with an fgid of 102
select gname from gamelist where fgid='102′;
select gname from gamelist where fgid='102a';
In this way, you can successfully find the game name gname, which provides many people with an opportunity

It is recommended that you filter the key parameters. Such as digital regular filtering
Copy code The code is as follows:
if(preg_match("/^d*$/",$fgid)) echo('is a number');
else echo('not a number');

Or use function
Copy code The code is as follows:
if(is_numeric($fgid)) echo('is a number');
else echo('not a number');

An online method to determine whether an ID is a number

Copy code The code is as follows:
$cid = empty($cid)? 1 : intval(preg_replace("/[^-d] [^d]/",'', $cid));

The difference between these two methods is that is_numeric will also treat decimals as numbers, while the previous regular expression will treat decimal points as characters.

Attached are some commonly used regular operations:

Verification number: ^[0-9]*$
Verify n-digit number: ^d{n}$
Verify at least n digits: ^d{n,}$
Verify m-n digit number: ^d{m,n}$
Verify numbers starting with zero and non-zero: ^(0|[1-9][0-9]*)$
Verify a positive real number with two decimal places: ^[0-9] (.[0-9]{2})?$
Verify positive real numbers with 1-3 decimal places: ^[0-9] (.[0-9]{1,3})?$
Verify non-zero positive integers: ^?[1-9][0-9]*$
Verify non-zero negative integers: ^-[1-9][0-9]*$
Verify non-negative integer (positive integer 0) ^d $
Verify non-positive integer (negative integer 0) ^((-d )|(0 ))$
Validate characters of length 3: ^.{3}$
Verify a string consisting of 26 English letters: ^[A-Za-z] $
Verify a string consisting of 26 uppercase English letters: ^[A-Z] $
Verify a string consisting of 26 lowercase English letters: ^[a-z] $
Verify a string consisting of numbers and 26 English letters: ^[A-Za-z0-9] $
Verify a string consisting of numbers, 26 English letters, or underscores: ^w $
Verify user password: ^[a-zA-Z]w{5,17}$ The correct format is: starting with a letter, the length is between 6-18, and can only contain characters, numbers and underscores.
Verify whether it contains characters such as ^%&‘,;=?$”: [^%&‘,;=?$x22]
Verify Chinese characters: ^[u4e00-u9fa5],{0,}$
Verify email address: ^w [- .]w )*@w ([-.]w )*.w ([-.]w )*$
Verify InternetURL: ^http://([w-] .) [w-] (/[w-./?%&=]*)?$ ; ^[a-zA-z] ://(w ( -w )*)(.(w (-w )*))*(?S*)?$
Verification phone number: ^((d{3,4})|d{3,4}-)?d{7,8}$: – The correct format is: XXXX-XXXXXXX, XXXX-XXXXXXXX, XXX-XXXXXXX, XXX -XXXXXXXX, XXXXXXX, XXXXXXXX.
Verify ID number (15 or 18 digits): ^d{15}|d{}18$
Verify the 12 months of a year: ^(0?[1-9]|1[0-2])$ The correct format is: "01"-"09" and "1" "12"
Verify the 31 days of a month: ^((0?[1-9])|((1|2)[0-9])|30|31)$ The correct format is: 01, 09 and 1, 31.
Integer: ^-?d $
Non-negative floating point number (positive floating point number 0): ^d (.d )?$
Positive floating point number ^(([0-9] .[0-9]*[1-9][0-9]*)|([0-9]*[1-9][0-9]*. [0-9] )|([0-9]*[1-9][0-9]*))$
Non-positive floating point number (negative floating point number 0) ^((-d (.d )?)|(0 (.0 )?))$
Negative floating point number ^(-(([0-9] .[0-9]*[1-9][0-9]*)|([0-9]*[1-9][0-9] *.[0-9] )|([0-9]*[1-9][0-9]*)))$
Floating point number ^(-?d )(.d )?

Statement

The content of this article is voluntarily contributed by netizens, and the copyright belongs to the original author. This site does not assume corresponding legal responsibility. If you find any content suspected of plagiarism or infringement, please contact admin@php.cn

php怎么将16进制字符串转为数字Oct 26, 2021 pm 06:36 PM

php将16进制字符串转为数字的方法：1、使用hexdec()函数，语法“hexdec(十六进制字符串)”；2、使用base_convert()函数，语法“bindec(十六进制字符串, 16, 10)”。

笔记本电脑打不出1-9数字怎么办Feb 23, 2023 pm 05:19 PM

笔记本电脑打不出1-9数字是设置问题导致的，其解决办法：1、按下“win+r”打开运行输入cmd并回车；2、在命令提示符界面，输入osk并回车；3、点击虚拟键盘上的“选项”，并勾选“打开数字小键盘”；4、启动“numlock键”即可。

如何用php正则替换以什么开头的字符串Mar 24, 2023 pm 02:57 PM

PHP正则表达式是一种针对文本处理和转换的有力工具。它可以通过解析文本内容，并按照特定的模式进行替换或截取，达到有效管理文本信息的目的。其中，正则表达式的一个常见应用是替换以特定字符开头的字符串，对此，我们进行如下的讲解

如何用 Golang 正则匹配多个单词或字符串？May 31, 2024 am 10:32 AM

php 如何用正则去除中文Mar 03, 2023 am 10:12 AM

php用正则去除中文的方法：1、创建一个php示例文件；2、定义一个含有中文和英文的字符串；3、通过“preg_replace('/([\x80-\xff]*)/i','',$a);”正则方法去除查询结果中的中文字符即可。

Java中的数字（带有0前缀和字符串）Aug 29, 2023 pm 01:45 PM

Java中的数字重要的是要理解数字类不是一个有形的类，而是一个抽象的类。在它内部，我们有一组定义其功能的包装类。这些包装类包括Integer、Byte、Double、Short、Float和Long。您可能会注意到，这些与我们之前讨论的基本数据类型相同，但它们表示为具有大写名称的单独类，以符合类命名约定。根据特定函数或程序范围的要求，编译器自动将原始数据类型转换为对象，反之亦然，并且数字类是java.lang包的一部分。此过程称为自动装箱和拆箱。通过掌握数字类及其对应的包装类的抽象性质，我们可以

在PHP中使用is_numeric()函数检查是否为数字Jun 27, 2023 pm 05:00 PM

在PHP编程语言中，is_numeric()函数是一种非常常用的函数，用于判断一个变量或值是否为数字。在实际编程中，经常需要对用户输入的数值进行验证，判断其是否为数字类型，这时就可以使用is_numeric()函数进行判断。一、is_numeric()函数简介is_numeric()函数是一个用于检测变量或值是否为数字的函数。如果变量或值为数字，则返回tru