On p, 2007-01-26 at 16:46 +0100, Jochem Maas wrote:
> Németh Zoltán wrote:
> > On p, 2007-01-26 at 14:10 +0000, Corden James (RW3) CM&MC Manchester
> > wrote:
> >> I have a form in which users submit a url. I am having problems as some
> >> people submit the url in the format http://www.blah.blah.org
> >> <http://www.blah.blah.org/> while others submit in the format
> >> www.blah.blah.org <http://www.blah.blah.org/> I have designed the form
> >> so that it seems fairly obvious (to me anyway) not to include the
> >> http:// but people are still doing it (presumably because they are
> >> copying and pasting from a browser). My form processing script is
> >> designed to add http:// to the submitted url and place the modified url
> >> in a database for future use. As you can imagine sometimes I end up with
> >> urls such as http://http://www.blah.blah.org
> >> <http://http:/www.blah.blah.org> in my database. Hence I need a more
> >> rigorous form processing script that is capable of first checking if the
> >> url includes http:// and then processes accordingly. Can anyone point me
> >> in the right direction for such a script?
> >>
> >>
> >>
> >
> > You should first check the url and only add "http://"; at the beginning
> > if its not there
> >
> > I do it like
> >
> > if (substr($url, 0, 4) != "http") {$url = "http://"; . $url;}
> >
> > in my website, although it is probably not the most elegant solution ;)
>
> it will break in the highly unlikely situation that someone uploads a url
> like:
>
> http.mydomain.com
>
> an also for things like:
>
> ftp://leet.haxordownload.org/
>
> 2 alternatives spring to mind:
>
> 1. a beasty little regex.
> 2. use the output of parse_url().
parse_url is a great idea, I think I will use that in the future
thanks Jochem
greets
Zoltán Németh
>
> the second is by far the better way of doing this, below a couple of
> examples:
>
> <?php
>
> var_dump(
> parse_url("http.mydomain.com/foo.php?id=1"),
> parse_url("https://www.foo.org/html.html?arg=a";),
> parse_url("ftp://leet.haxordl.org";)
> );
>
> ?>
>
> hopefully the OP has enough brains (I'll assume he does given the 'Dr' title
> he carries :-)
> to figure out how to use the output to be able to always generate a valid url
> from whatever
> people are sticking in his form (and/or return a suitable error if someone
> tries to insert
> some complete rubbish)
--
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php
