Help with expression matching
Here is the basics of what I have set up so far:
main program is at the root of the web server (http://192.168.1.82/ )
The main program gets passed a query string that tells it which module to use and what command to issue. The mod is given in the format type.filename. Here is a sampling of some files.
Data Entry pages to edit/modify/delete data:
de.taxes
de.employees
de.vehicles
Reports of data and calculations:
rep.summary
rep.costs
rep.schedules
Now, in the top of each module, an array is defined to indicate what page is a valid referring page (keeping people from bookmaking an internal site, such as http://192.168.1.82/?mod=de.employees&cmd=ConfirmDelete&item=33)
A sample of the array setup is:
<?php
$callFrom[] = \"de.home\";
$callFrom[] = \"de.taxes\";
$callFrom[] = \"de.vehicles\";
?>Currently I have it working to check to make sure the referring URL's mod value matches the array, however, as the list of Data Entry modules grow, I would really like to be able to also check
<?php
$callFrom[] = \"de.*\";
?>Now expression matching always takes me a while to figure out to begin with, and in PHP, I never can tell which matching function should be used for best results.
If anyone can provide suggestions on how to do this check using expressions, so that it will allow wildcards, I would be greatly thankful!
-Greg
Greg K posted this at 02:26 — 20th February 2004.
He has: 2,145 posts
Joined: Nov 2003
PS. The use of de.* is not specific, the * can be replaced with the expresion that does a match to anything. I just used an asterick as that is what i'm used to for wildcards.
-Greg
druagord posted this at 20:45 — 20th February 2004.
He has: 335 posts
Joined: May 2003
i'm not sure i follow you but but couldn't you just compare "de." to you the first 3 letter of your variable
Greg K posted this at 21:11 — 20th February 2004.
He has: 2,145 posts
Joined: Nov 2003
the thing is, each mod has a section that creates an array of acceptable referers, and would like to just be able to do a foreach loop to check them all instead of having to do multiple if statements.
sample of what I'm am looking for is:
<?php
$callingMod = $refData['mod']; // Sets it to the refering pages MOD setting
$refererOK = FALSE;
foreach ($callFrom as $thisReferer)
if (preg_match($thisReferer,$callingMod)) $refererOK = TRUE;
if (!$refererOK)
{
// Give message letting them know it was an invalid direct access and exit script
}
// Continue with program...
?>
I am thinking that instead of just doing $callFrom[] = "de.taxes" listing the actual mod info, I can set the arrays to be the actual expression matching strings to make things simpler.
-Greg
druagord posted this at 21:25 — 20th February 2004.
He has: 335 posts
Joined: May 2003
do you know about the in_array function
<?php
$callingMod = $refData['mod']; // Sets it to the refering pages MOD setting
if (in_array($thisReferer,$callingMod))
{
// Give message letting them know it was an invalid direct access and exit script
}
?>
would that be acceptable sorry i must be tired i don't grasp what you are trying to do exactly
IF , ELSE , WHILE isn't that what life is all about
Greg K posted this at 21:35 — 20th February 2004.
He has: 2,145 posts
Joined: Nov 2003
That would require me to list out every mod that is valid instead of using wildcards, which is what I currently have going on now and am trying to avoid.
-Greg
druagord posted this at 21:52 — 20th February 2004.
He has: 335 posts
Joined: May 2003
Ok my brain seems to be waking up now
do not put a wildcard in the array just put the allowable letters
like
<?php
$callingMod[] = \"de.\";
$callingMod[] = \"rep.\";
foreach ($callingMod as $calling)
if ( substr($thisReferer,0,strlen($calling))==$calling) $refererOK = TRUE;
if (!$refererOK)
{
// Give message letting them know it was an invalid direct access and exit script
}
// Continue with program...
if ( )
{
// Give message letting them know it was an invalid direct access and exit script
}
?>
IF , ELSE , WHILE isn't that what life is all about
Greg K posted this at 22:01 — 20th February 2004.
He has: 2,145 posts
Joined: Nov 2003
I think we have a winner!
I never thought of using that method!
Thank you very much!
-Greg
druagord posted this at 22:09 — 20th February 2004.
He has: 335 posts
Joined: May 2003
glad i could help
Want to join the discussion? Create an account or log in if you already have one. Joining is fast, free and painless! We’ll even whisk you back here when you’ve finished.