1. 首頁
  2. 問答
  3. 從mysql插入語句中刪除鏈接?

從mysql插入語句中刪除鏈接?

2013-05-01 38 views
4

我不知道是否有人可以請求幫助,我正在運行一個MySQL插入查詢,所以當用戶填寫表單時,它會將內容插入到數據庫中。但是,我試圖讓我可以刪除/阻止鏈接(URL)被插入。從mysql插入語句中刪除鏈接?

我正在嘗試這個,但是我是MySQL的新手,我無法讓它工作,我不確定我是否正確地做,我會很感激,如果有人可以幫忙。

由於提前,

<?php ob_start(); ?> 
<?php 
// check if the review form has been sent 
if(isset($_POST['review_content'])) 
if(isset($_POST['review_recipient'])) 
{ 
    $content = $_POST['review_content']; 
    $review_recipient = $_POST['review_recipient']; 
     //We remove slashes depending on the configuration 
     if(get_magic_quotes_gpc()) 
     { 
       $content = stripslashes($content); 
       $review_recipient = stripslashes($review_recipient); 
     } 
     //We check if all the fields are filled 
     if($_POST['review_content']!='') 
     if($_POST['review_recipient']!='') 
     { 


      { 

       $forbidden = array('<[\w.][email protected][\w.]+>', '<\w{3,6}:(?:(?://)|(?:\\\\))[^\s]+>', '#<.*?>([^>]*)</a>#i'); 
$matches = array('****', '****', '****'); 
$post  = preg_replace($forbidden, $matches, $post); 


      $sql = "INSERT INTO ptb_reviews (id, from_user_id, from_guest, to_user_id, content) VALUES (NULL, '-1', '".$review_recipient."', '".$profile_id."', '".$content."');"; 
      mysql_query($sql, $connection); 

      $_SESSION['message']="<div class=\"infobox-wallpost\"><strong>Thank You</strong> - Your review has been sent and is awaiting approval.</div><div class=\"infobox-close4\"></div>"; 
header("Location: {$_SERVER['HTTP_REFERER']}"); 

} } } } } ?>

更新:

好了,所以我試圖做這樣的,但它仍然能顯示

<?php ob_start(); ?> 
<?php 
// check if the review form has been sent 
if(isset($_POST['review_content'])) 
if(isset($_POST['review_recipient'])) 
{ 
    $content = $_POST['review_content']; 
    $review_recipient = $_POST['review_recipient']; 
     //We remove slashes depending on the configuration 
     if(get_magic_quotes_gpc()) 
     { 
       $content = stripslashes($content); 
       $review_recipient = stripslashes($review_recipient); 

       $regex = "/(https?:\/\/)?([\da-z\.-]+)\.([a-z\.]{2,6})([\/\w\.-]*)*\/?/"; 
$replacement = "[blocked url]"; 
$review_recipient = reg_replace($regex,$replacement,$_POST['review_recipient']); 
$profile_id = intval($_POST['profile_id ']); //dont know how you get this 
$content = reg_replace($regex,$replacement,$_POST['review_content']); 
     } 
     //We check if all the fields are filled 
     if($_POST['review_content']!='') 
     if($_POST['review_recipient']!='') 


     { 


      { 


      $sql = "INSERT INTO ptb_reviews (id, from_user_id, from_guest, to_user_id, content) VALUES (NULL, '-1', '".$review_recipient."', '".$profile_id."', '".$content."');"; 
      mysql_query($sql, $connection); 

      $_SESSION['message']="<div class=\"infobox-wallpost\"><strong>Thank You</strong> - Your review has been sent and is awaiting approval.</div><div class=\"infobox-close4\"></div>"; 
header("Location: {$_SERVER['HTTP_REFERER']}"); 

} } } } } ?>

來源

2013-05-01 Harry Man

+0

發現網址:'/(HTTPS:\/\ /()([\da-z\.-]+)\.([az\.]{2,6})([\/\w \ .-] *)* \ /?/' – 2013-05-01 11:43:05

+0

看我的答案是,問題在於代碼的嵌套。我已經清理了一下,問題很明顯。 – naththedeveloper 2013-05-01 12:36:32

回答

1

你有問題是,你有get_magic_quotes_gpc()調用中的正則表達式檢查,喬爾的代碼也具有reg_replace作爲一個錯字,否則那會已經工作(如果你已經把它外面的魔術引號檢查。

這裏是一個完全更新腳本,您可以嘗試。

<?php 

ob_start(); 

// check if the review form has been sent 
if(isset($_POST['review_content'])) { 
    if(isset($_POST['review_recipient'])) { 
     $content = $_POST['review_content']; 
     $review_recipient = $_POST['review_recipient']; 

     //We remove slashes depending on the configuration 
     if(get_magic_quotes_gpc()) { 
       $content = stripslashes($content); 
       $review_recipient = stripslashes($review_recipient); 
     } 

     $regex = "/(https?:\/\/)?([\da-z\.-]+)\.([a-z\.]{2,6})([\/\w\.-]*)*\/?/"; 
     $replacement = "[blocked url]"; 
     $review_recipient = preg_replace($regex,$replacement,$_POST['review_recipient']); 
     //$profile_id = intval($_POST['profile_id']); //dont know how you get this 
     $content = preg_replace($regex,$replacement,$_POST['review_content']); 


     //We check if all the fields are filled 
     if($_POST['review_content']!='') { 
      if($_POST['review_recipient']!='') { 

       $sql = "INSERT INTO ptb_reviews (id, from_user_id, from_guest, to_user_id, content) VALUES (NULL, '-1', '".$review_recipient."', '".$profile_id."', '".$content."');"; 
       mysql_query($sql, $connection); 

       $_SESSION['message']="<div class=\"infobox-wallpost\"><strong>Thank You</strong> - Your review has been sent and is awaiting approval.</div><div class=\"infobox-close4\"></div>"; 

       header("Location: {$_SERVER['HTTP_REFERER']}"); 
      } 
     } 

    } 

} 

?>

如果您想阻止特定的話,你還可以添加這樣的事情:

$regex2 = "/(.*)\b(word1|word2|word3)\b(.*)/"; 
$replacement2 = "[blocked word]";

然後改變你的preg_replace到這樣的事情:

$content = preg_replace(Array($regex, $regex2),Array($replacement, $replacement2),$_POST['review_content']);

來源

2013-05-01 12:35:23 naththedeveloper

1

預浸更換網址,有一個尋找網址的正則表達式:

$inputData = "www.google.com is a url"; 
$filteredData = preg_replace('/(https?:\/\/)?([\da-z\.-]+)\.([a-z\.]{2,6})([\/\w\.-]*)*\/?/','[blocked url]',$inputData);

這裏出了問題:

$post  = preg_replace($forbidden, $matches, $post);

這不會固定在後所有變量的URL。

我想你想服用點是這樣的:

$regex = "/(https?:\/\/)?([\da-z\.-]+)\.([a-z\.]{2,6})([\/\w\.-]*)*\/?/"; 
$replacement = "[blocked url]"; 
$review_recipient = reg_replace($regex,$replacement,$_POST['review_recipient']); 
$profile_id = intval($_POST['profile_id ']); //dont know how you get this 
$content = reg_replace($regex,$replacement,$_POST['review_content']);

來源

2013-05-01 11:45:54

+0

我試過這個,但它沒有爲我工作,我把$ inputData = $內容,仍然顯示鏈接。也許我做錯了 – 2013-05-01 11:49:07

+0

正則表達式中有一個小錯誤,如果修復它,但我認爲你有些使用錯誤的變量,所以它仍然繞過preg替換 – 2013-05-01 11:52:47

+0

好的再次感謝有一個這樣看我,但代碼不爲我工作,生病在我的問題發佈我的更新代碼,如果你能告訴我,如果我出錯了某個地方,真的會有所幫助 – 2013-05-01 12:16:24

相關問題

 相關問題