Quotes in a regular expression..

Krush019

I have a regular expression i'm using to simply look for "not allowed" charaters. Theres nothing to special about it just checking a complete string for certian characters. My problem is trying to allow quote marks (").

if (eregi("[^{[:alnum:][:space:]]",} $_POST['text']))

works fine and returns just like i want it to. Now i want to add quotes.

if (eregi("[^{[:alnum:][:space:]"]",} $_POST['text']))

Parse error when done like that. So now lets escape it with a "\".

if (eregi("[^{[:alnum:][:space:]\"]",} $_POST['text']))

That works but actually inserts a "\" in front of every quote in the string. So if the string was:

abc "def" ghi

it becomes:

abc \"def\" ghi

Now i know i could go thru and strip out the slashes after i run the ereg but that seems like the wrong way to do it. I'm just alittle confused at this point, i don't understand how "eregi" can inject characters into my original string. On top of that if not escaping the quotes creates a parse error and escaping injects slashes, what is the right way to add the quotes? Thanks in advance for any help.

daphreeek

It isnt eregi putting the slashes there 🙂 Try just printing $_POST['text'] to the screen and you will see that it actually has \" on screen meaning php sees it as \\" so you need 2 strip the slashes before you use eregi 🙂

Your eregi line is fine - its the way that the browser sends the info to the server 🙂 remember to strip the slashes before you do anything else (you have to with all form inputs for PHP)

Hope that helps
- Matt