Is There a PHP Function That Can Escape Regex Patterns Before They Are Applied

  • Home
  • Languages
  • PHP
  • Is There a PHP Function That Can Escape Regex Patterns Before They Are Applied

Is there a PHP function that can escape regex patterns before they are applied?

preg_quote() is what you are looking for:

Description

string preg_quote ( string $str [, string $delimiter = NULL ] )

preg_quote() takes str and puts a
backslash in front of every character
that is part of the regular expression
syntax. This is useful if you have a
run-time string that you need to match
in some text and the string may
contain special regex characters.

The special regular expression
characters are: . \ + * ? [ ^ ] $ ( ) { } = ! < > | : -

Parameters


str


The input string.

delimiter


If the optional delimiter is specified, it will also be escaped. This is useful for escaping the delimiter that is required by the PCRE functions. The / is the most commonly used delimiter.

Importantly, note that if the $delimiter argument is not specified, the delimiter - the character used to enclose your regex, commonly a forward slash (/) - will not be escaped. You will usually want to pass whatever delimiter you are using with your regex as the $delimiter argument.

Example - using preg_match to find occurrences of a given URL surrounded by whitespace:

$url = 'http://stackoverflow.com/questions?sort=newest';

// preg_quote escapes the dot, question mark and equals sign in the URL (by
// default) as well as all the forward slashes (because we pass '/' as the
// $delimiter argument).
$escapedUrl = preg_quote($url, '/');

// We enclose our regex in '/' characters here - the same delimiter we passed
// to preg_quote
$regex = '/\s' . $escapedUrl . '\s/';
// $regex is now:  /\shttp\:\/\/stackoverflow\.com\/questions\?sort\=newest\s/

$haystack = "Bla bla http://stackoverflow.com/questions?sort=newest bla bla";
preg_match($regex, $haystack, $matches);

var_dump($matches);
// array(1) {
//   [0]=>
//   string(48) " http://stackoverflow.com/questions?sort=newest "
// }

php regex escaping special characters

Only the characters listed on this page need to be escaped in PHP regex matching/replacing.

While < and > can act as delimiter, it doesn't need to be escaped in the given example because you already have /(slash) acting as a delimiter.

Referring to the link in question

The preg_quote() function may be used to escape a string for injection into a pattern and its optional second parameter may be used to specify the delimiter to be escaped.

Escaping string for use in regular expression

preg_quote

From the manual:

puts a backslash in front of every
character that is part of the regular
expression syntax

You can also pass the delimiter as the second parameter and it will also be escaped. However, if you're using # as your delimiter, then there's no need to escape /

How to properly escape a string for use in regular expression in PHP?

The proper way is to use preg_quote and specify the used pattern delimiter.

preg_quote() takes str and puts a backslash in front of every character that is part of the regular expression syntax... characters are: . \ + * ? [ ^ ] $ ( ) { } = ! < > | : -

Trying to use a backslash as delimiter is a bad idea. Usually you pick a character, that's not used in the pattern. Commonly used is slash /pattern/, tilde ~pattern~, number sign #pattern# or percent sign %pattern%. It is also possible to use bracket style delimiters: (pattern)

Your regex with modification mentioned in comments by @CasimiretHippolyte and @anubhava.

$pattern = '/(?<![a-z])' . preg_quote($string, "/") . '/i';

Maybe wanted to use \b word boundary. No need for any additional escaping.

How to escape regex special characters from array using php to use in javascript

You could use array_map() with preg_quote() like this :

$arr = array("+1", "1+4"); 
echo implode("|", array_map('preg_quote', $arr));

Outputs :

\+1|1\+4

To get the final pipe :

$arr = array("+1", "1+4" , ""); 
echo implode("|", array_map('preg_quote', $arr)) ;
// Or
$arr = array("+1", "1+4"); 
echo implode("|", array_map('preg_quote', $arr)) . "|" ;

Outputs :

\+1|1\+4|

How to escape a slash character in the preg_match pattern?

You can use preg_quote function:

$pattern = '/line(\s+)' . preg_quote($line, '/') . '/';

PHP function to escape MySQL regexp syntax

MySQL regexps are the ‘extended’ POSIX variant (ERE), available in PHP as the deprecated ereg_ functions.

Unfortunately there is no ereg_quote in PHP, however PCRE's special characters are a superset of ERE's special characters, and backslash-escaping a non-special punctuation character doesn't harm it, so you can get away with using preg_quote safely.

(Naturally you will need parameterised queries or mysql_real_escape_string after that quoting, to stop the backslashes being misinterpreted as MySQL's non-ANSI-standard string literal escapes.)

Regex doesn't match with parentheses

You have to escape the special characters of your query. E.g. replace ( with \( and ) with \).

In PHP you can use preg_quote(https://www.php.net/manual/en/function.preg-quote.php), like this:

$regexSeller = new Regex('^'.preg_quote($search['seller']), 'i');

Let me know if it worked! ;)

Thanks!

The preg_match function doesn't accept the symbol /

Escape the slash and move the dash at the end of the character class:

$pattern = "a-z0-9_\/-";
preg_match("/^[". $pattern ."]+$/i", $URI);

Note: preg_quote doesn't work in this case because it escapes the dash, I don't know why.

You could also use another delimiter:

$pattern = "a-z0-9_/-";
preg_match("~^[". $pattern ."]+$~i", $URI);

What special characters must be escaped in regular expressions?

Which characters you must and which you mustn't escape indeed depends on the regex flavor you're working with.

For PCRE, and most other so-called Perl-compatible flavors, escape these outside character classes:

.^$*+?()[{\|

and these inside character classes:

^-]\

For POSIX extended regexes (ERE), escape these outside character classes (same as PCRE):

.^$*+?()[{\|

Escaping any other characters is an error with POSIX ERE.

Inside character classes, the backslash is a literal character in POSIX regular expressions. You cannot use it to escape anything. You have to use "clever placement" if you want to include character class metacharacters as literals. Put the ^ anywhere except at the start, the ] at the start, and the - at the start or the end of the character class to match these literally, e.g.:

[]^-]

In POSIX basic regular expressions (BRE), these are metacharacters that you need to escape to suppress their meaning:

.^$*[\

Escaping parentheses and curly brackets in BREs gives them the special meaning their unescaped versions have in EREs. Some implementations (e.g. GNU) also give special meaning to other characters when escaped, such as \? and +. Escaping a character other than .^$*(){} is normally an error with BREs.

Inside character classes, BREs follow the same rule as EREs.

If all this makes your head spin, grab a copy of RegexBuddy. On the Create tab, click Insert Token, and then Literal. RegexBuddy will add escapes as needed.


Related Topics

How to Get File_Get_Contents() to Work With Https

PHP Does Not Display Error Messages

Only Variables Should Be Passed by Reference

How to Debug Exec() Problems

How to Display HTML Tags as Plain Text

Create Subdomains on the Fly With .Htaccess (PHP)

Remove a Child With a Specific Attribute, in Simplexml For PHP

Reference: What Is a Perfect Code Sample Using the MySQL Extension

How to Insert Multiple Rows from Array Using Codeigniter Framework

What Is Output Buffering

Sort an Array by Keys Based on Another Array

Allow PHP Sessions to Carry Over to Subdomains

MySQL and PHP: Utf-8 With Cyrillic Characters

PHP: How to Send Http Response Code

Reading Json Post Using PHP

Simplest Way to Detect a Mobile Device in PHP

Using Braces With Dynamic Variable Names in PHP

Convert Time in Hh:Mm:Ss Format to Seconds Only


Leave a reply



Submit