Home > Article > Backend Development > Discuss the matching of PHP ereg() function and regular expression_PHP Tutorial
Discuss the matching of PHP ereg() function and regular expression_PHP Tutorial
- WBOYOriginal
- 2016-07-15 13:30:52913browse
However, eregi() is a case-ignoring version of the PHP ereg() function. Both have similar functions to preg_match, but the function returns a Boolean value indicating whether the match was successful or not. It should be noted that the first parameter of the POSIX extension library function accepts a regular expression string, that is, no delimiter is required. For example, Listing 6.2 is a method for checking the security of file names.
Code 6.2 Security check of file name
<ol class="dp-xml"><li class="alt"><span><span class="tag"><</span><span> ?php </span></span></li><li><span>$</span><span class="attribute">username</span><span> = $_SERVER['REMOTE_USER']; </span></li><li class="alt"><span>$</span><span class="attribute">filename</span><span> = $_GET['file']; </span></li><li><span>//对文件名进行过滤,以保证系统安全 </span></li><li class="alt"><span>if (!ereg('^[^./][^/]*$', $userfile)) </span></li><li><span>{ </span></li><li class="alt"><span>die('这不是一个非法的文件名!'); </span></li><li><span>} </span></li><li class="alt"><span>//对用户名进行过滤 </span></li><li><span>if (!ereg('^[^./][^/]*$', $username)) </span></li><li class="alt"><span>{ </span></li><li><span>die('这不是一个无效的用户名'); </span></li><li class="alt"><span>} </span></li><li><span>//通过安全过滤,拼合文件路径 </span></li><li class="alt"><span>$</span><span class="attribute">thefile</span><span> = </span><span class="attribute-value">"/home/$username/$filename"</span><span>; </span></li><li><span class="tag">?></span><span> </span></span></li></ol>
Normally, using the Perl-compatible regular expression matching function perg_match() will be better than using PHP The ereg() function or eregi() is faster. If you just want to find whether a string contains a certain substring, it is recommended to use the strstr() or strpos() function.