On Fri, January 26, 2007 8:10 am, Corden James (RW3) CM&MC Manchester wrote: > I have a form in which users submit a url. I am having problems as > some > people submit the url in the format http://www.blah.blah.org > <http://www.blah.blah.org/> while others submit in the format > www.blah.blah.org <http://www.blah.blah.org/> I have designed the > form > so that it seems fairly obvious (to me anyway) not to include the > http:// but people are still doing it (presumably because they are > copying and pasting from a browser). My form processing script is > designed to add http:// to the submitted url and place the modified > url > in a database for future use. As you can imagine sometimes I end up > with > urls such as http://http://www.blah.blah.org > <http://http:/www.blah.blah.org> in my database. Hence I need a more > rigorous form processing script that is capable of first checking if > the > url includes http:// and then processes accordingly. Can anyone point > me > in the right direction for such a script? Perhaps you could do this: if (strtolower(substr($input, 0, 7)) === 'http://') $input = substr($input, 7); What I tend to do, however, is just check on output: if (!stristr($link, 'http://')) $link = "http://$link";; Yes, this means that I may be re-doing the operation a zillion times at output instead of once at input, but it also means that users aren't miffed that I took their URL and "changed" it out from under them when they go back to edit it. There is also the nifty http://php.net/parse_url which might be smart enough to default to 'http://' and then you could assemble the URL. Depends how funky the URLs might get -- Mine are always just homepages, so don't have much in the way of weird complex URL issues like #fragment or GET parameters. One other suggestion: You could use http://php.net/fopen to find out if the link is valid at the time of input. This will slow down input considerably, but can help catch typos in URLs. You could even go so far as to "read" the beginning of the HTML and see if there is a TITLE tag, and present that to the user to confirm it's the page they meant... Though there's an awful lot of bad HTML out there with no title tag. :-( So then you need an extra check for that, and a fallback like the first non-tag line of the body or the META description if it's there or... This presumes allow_url_fopen is "on" in php.ini, which might not be true for security reasons. -- Some people have a "gift" link here. Know what I want? I want you to buy a CD from some starving artist. http://cdbaby.com/browse/from/lynch Yeah, I get a buck. So? -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
