0

In an old version of the docebo cms There is a check with preg_match(), which however generates error and returns false, Obviously there is something that does not go in the pattern But probably with an older PHP version it worked Does anyone know where the mistake is, And how would it be corrected?

$str="my_session";
clean_input_keys($str);

protected function clean_input_keys($str) {
    $pattern = '#^[&a-zA-Z0-9\.:_/-\s]+$#uD';
    $b_preg_match = preg_match($pattern, $str);
    var_dump($b_preg_match); //false //preg_match() returns FALSE if an error occurred. 
    if ( ! $b_preg_match) {
        exit('Disallowed key characters in global data.');
    }
    return $str;
}
4
  • Are you using Apple developer library? Did you read the error message? Commented Jun 15, 2017 at 14:13
  • 1
    The fragment /-\s doesn't seem to be valid. I would suggest /\s- instead. Commented Aug 2, 2017 at 17:22
  • Exactly, right now that tries to specify a character class "from / to whitespace" here, which of course makes no sense. (Btw., next time quote the error message please, instead of just telling us that you got one ...) Commented Aug 2, 2017 at 17:24
  • And I doubt this ever "worked" in older PHP versions ... much more likely that previously the error reporting was simply silenced, and this never did what it was supposed to in the first place ... Commented Aug 2, 2017 at 17:29

1 Answer 1

2

Note that preg_match returns false if there is an error in the pattern:

preg_match() returns 1 if the pattern matches given subject, 0 if it does not, or FALSE if an error occurred.

The error PHP throws is

PHP Warning: preg_match(): Compilation failed: invalid range in character class at offset 19 in /home/VaTQ68/prog.php on line 5

The unescaped hyphen inside a character class may form a range. A range between / and \s is not defined, hence the error.

You need to put the hyphen at the end or start of the character class, or escape it:

$pattern = '#^[&a-zA-Z0-9\.:_/\s-]+$#uD';
                                ^

See the PHP demo

Sign up to request clarification or add additional context in comments.

Comments

Your Answer

By clicking “Post Your Answer”, you agree to our terms of service and acknowledge you have read our privacy policy.

Start asking to get answers

Find the answer to your question by asking.

Ask question

Explore related questions

See similar questions with these tags.