Re: preg_replace question

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 

On 12-12-2012 21:10, Curtis Maurand wrote:

On 12/12/2012 12:00 PM, Maciek Sokolewicz wrote:

On 12-12-2012 17:11, Curtis Maurand wrote:

I have several poisoned .js files on a server.  I can use find to
recursively find them and then use preg_replace to replace the string.
However the string is filled with single quotes, semi-colons and a lot
of other special characters.  Will
preg_relace(escapeshellarg($String),$replacement) work or do I need to
go through the entire string and escape what needs to be escaped?

--C


First of all, why do you want to use preg_replace when you're not
actually using regular expressions??? Use str_replace or stri_replace
instead.

Aside from that, escapeshellarg() escapes strings for use in shell
execution. Perl Regexps are not shell commands. It's like using
mysqli_real_escape_string() to escape arguments for URLs. That doesn't
compute, just like your way doesn't either.

If you DO wish to escape arguments for a regular expression, use
preg_quote instead, that's what it's there for. But first, reconsider
using preg_replace, since I honestly don't think you need it at all if
the way you've posted
(preg_replace(escapeshellarg($string),$replacement)) is the way you
want to use it.

Thanks for your response.  I'm open to to using str_replace.  no issue
there.  my main question was how to properly get a string of javascript
into a string that could then be processed.  I'm not sure I can just put
that in quotes and have it work.    There are colons, "<",">",
semicolons, and doublequotes.  Do I just need to rifle through the
string and escape the reserved characters or is there a function for that?

--C
Why do you want to escape them? There are no reserved characters in the case of str_replace. You don't have to put anything in quotes. For example:
$string = 'This is a <string with various supposedly "reserved" ``\\ _- characters' 
echo str_replace('supposedly', 'imaginary', $string)
would return:
This is a <string with imaginary "reserved" ``\\- characters

So... why do you want to "escape" these characters?

--
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php
[Index of Archives]     [PHP Home]     [Apache Users]     [PHP on Windows]     [Kernel Newbies]     [PHP Install]     [PHP Classes]     [Pear]     [Postgresql]     [Postgresql PHP]     [PHP on Windows]     [PHP Database Programming]     [PHP SOAP]

  Powered by Linux