Hello,

I've got some old PHP form code (Originally dbmasters F@rmMailer, guess no longer supported) that is requiring me to change eregi to preg_match. I am having a bit of trouble getting this to work. There are only several instances of eregi I was wondering if someone could take a look. I have uploaded the PHP, I would have embedded it in here but it was a bit too long and I didn’t want to break it into multiple posts.

Thanks!

These two method are more or less equivalent. The major difference is that eregi is automatically case insensitive and accepts no switches, therefore requires no switch to tell it to be so or anything else. I'm oversimplifying because this is likely all you need to know to make the conversion in the specific code you attached, you can look up these two methods at http://php.net/ to see other differences.

Now, because preg_match requires a switch to be case insensitive (and can have other switches for other things), we need some way of differentiating the expression we are using from the switch, ex:


if(eregi(/\.jpg$/, 'image.JPG'))

will return true (pass on to the next command that depends upon its being true) because it's case insensitive and \.jpg$ matches the .JPG in the string being tested. But with preg_match we need to be more specific:


if(preg_match('/\.jpg$/i', 'image.JPG'))

See, we need extra delimiters so we can use the switch. This will also match (return true) because we told preg_match to be case insensitive.

So, besides changing every occurrence of eregi to preg_match in the code, we also have to change the regular expressions used. These appear to be:


// email validation regular expression
$regex = "^[-a-z0-9!#$%&\'*+/=?^_`{|}~]+(\.[-a-z0-9!#$%&\'*+/=?^_`{|}~]+)*@(([a-z0-9]([-a-z0-9]*[a-z0-9]+)?){1,63}\.)+([a-z]([-a-z0-9]*[a-z0-9]+)?){2,63}$";
$header_injection_regex = "(\r|\n)";

Which I would make:


// email validation regular expression
$regex = "<^[-a-z0-9!#$%&\'*+/=?^_`{|}~]+(\.[-a-z0-9!#$%&\'*+/=?^_`{|}~]+)*@(([a-z0-9]([-a-z0-9]*[a-z0-9]+)?){1,63}\.)+([a-z]([-a-z0-9]*[a-z0-9]+)?){2,63}$>i";
$header_injection_regex = "/(\r|\n)/i";
?>

which, because you're running low on possible delimiters for $regex, I'm not certain will work, but in testing seems feasible. I used the <> characters as delimiters, and testing shows that should work (they're allowed as delimiters and are not in the $regex expression). I will attach the entire updated file. We can try other combinations if necessary and/or troubleshoot any typos, I'm sure something will work.

6292

Thanks for this. At first glance this looks like it should work I will test. Do you think the following function line would be impacted? It is the only instance of preg_replace.


function parseValue($value)
{
$value=preg_replace("/(http:\/\/+.[^\s]+)/i",'<a href="\\1">\\1</a>', $value);
return $value;
}

Should be fine. It (the preg_replace usage you mention) already follows the accepted conventions for preg_whatever, and doesn't rely upon either of the regular expression we are changing.

Thanks very much. I am still testing but this seems to work.

Hello, I'm wondering if you wouldn’t mind letting me know what you think of the CAPTCHA in this script? For one, how do you activate it but for two, it doesn’t seem very useful? Would I be better of trying to incorporate Google ReCaptcha?