2

I wonder what would be the best way in php to check if provided url is valid... At first I tried with:

filter_var($url, FILTER_VALIDATE_URL) === false

But it does not accept www.example.com (without protocol). So I tried with a simple modification:

protected function checkReferrerUrl($url) {
    if(strpos($url, '://') == false) {
        $url = "http://".$url;
    }
    if(filter_var($url, FILTER_VALIDATE_URL) === false) {
        return false;
    }
    return true;
}

Now it works fine with www.example.com but also accepts simple foo as it converts to http://foo. However though this is not a valid public url I think... so what would you suggest? Go back to traditional regexp?

Improve this question
3
  • Yes, I'd say regex is the way to go. There are plenty of patterns out there for URL validation, so if you don't want to write one yourself, you'll find one anyway. Commented Aug 20, 2015 at 8:27
  • It depends what you mean by "valid". Should it exist, i.e., successfully respond to requests? In this case link might be what you're looking for. Commented Aug 20, 2015 at 8:27
  • I just want to check if the referrer to determine if I should display something or not. But it's possible that at the moment the configuration is entered such link would not exist (i.e. some site will be released in the near future and admin wants to config something in advance) Commented Aug 20, 2015 at 8:30

2 Answers 2

Reset to default
4

I recommend, that you do not use filter_var with type URL. There are much more side-effects. For example, these are valid URLs according to filter_var:

http://example.com/"><script>alert(document.cookie)</script>
http://example.ee/sdsf"f

Additionally FILTER_VALIDATE_URL does not support internationalized domain names (IDN).

I recommend using a regex combined with some ifs afterwards (f.e. for the domain) for security reasons. Without the security aspect I am using parse_url to take my parts. But this function has a similar issue, when the scheme (no http/https) is missing.

Improve this answer
Sign up to request clarification or add additional context in comments.

Comments

0

Use this 

<?php
$url = 'www.example.com';

if(validateURL($url)){
       echo "Valid";
    }else{
        echo "invalid";
    }

function validateURL($URL) {
      $pattern_1 = "/^(http|https|ftp):\/\/(([A-Z0-9][A-Z0-9_-]*)(\.[A-Z0-9][A-Z0-9_-]*)+.(com|org|net|dk|at|us|tv|info|uk|co.uk|biz|se)$)(:(\d+))?\/?/i";
      $pattern_2 = "/^(www)((\.[A-Z0-9][A-Z0-9_-]*)+.(com|org|net|dk|at|us|tv|info|uk|co.uk|biz|se)$)(:(\d+))?\/?/i";       
      if(preg_match($pattern_1, $URL) || preg_match($pattern_2, $URL)){
        return true;
      } else{
        return false;
      }
    }
?>

Try this one too

<?php

// Assign URL to $URL variable
$url = 'http://example.com';

// Check url using preg_match
if (preg_match("/^(https?:\/\/+[\w\-]+\.[\w\-]+)/i",$url)){
    echo "Valid";
    }else{
        echo "invalid";
    }

?>
Improve this answer

4 Comments

You need to add the pl here like this biz|se|pl
I know... but do you realize how many top level domains you would have to list this way?
This will not work for .ki, .km, .kn, .kp, .kr, .kw, .ky, .kz, .la, .lb, .lc, .li, .lk, .lr, .ls, .lt, .lu, .lv, .ly, .ma, .mc, .md, .me, .mg, .mh, .mk, .ml, .mm, .mn, .mo, .mp, .mq ...
Or .भारत or .భారత్ or .мкд

Your Answer

By clicking “Post Your Answer”, you agree to our terms of service and acknowledge you have read our privacy policy.

Start asking to get answers

Find the answer to your question by asking.

Ask question

Explore related questions

See similar questions with these tags.