More than a long talk to explain that bug, here's a screenshot that explains everything :
As soon as we enter an "e" inside the url which correspond to rss_category, it no longer match the route. See :
!
We resolved this by forcing a requirements for {slugCat} to accept anything .^ (they were no requirements before)
If that can help someone somday, and if anyone has a valid explanation, i'll be glad to hear (runing under Symfony 2.1.1).
Wow, difficult one. This happens because when compiling the route, symfony tries to use the character preceeding the variable name as a separator. This code is from RouteCompiler.php:
// Use the character preceding the variable as a separator
$separators = array($match[0][0][0]);
if ($pos !== $len) {
// Use the character following the variable as the separator when available
$separators[] = $pattern[$pos];
}
$regexp = sprintf('[^%s]+', preg_quote(implode('', array_unique($separators)), self::REGEX_DELIMITER));
Symfony does this because usually you will have some kind of separator before the variable name, a route like /upload/rssArticle/{slugCat}, where '/' would be the separator and it is trying to be helpful by letting you use this separator to separate variables in routes which contain several variables. In your case, the character before the variable is an 'e' and that character becomes a separator and that is why your route does not match. If your route had beed /upload/rssArticles{slugCat}, then the 's' would be the separator and that would be the character you would not be able to use.
Maybe you could create an issue on the symfony router component. I think that the preceeding character should not be used as a separator if it is a letter or a number.
Related
I am having allot of trouble finding a regex that will allow me to throw a error if the user tries to submit special characters especially "/" "\". I have a expression already that helps with other special characters but not the forward and backward slash Bonus: I don't want these ether but its not likely they will be entered. ~,!,#,#,$,%,^,&,*,().
I am currently using ^[\w{./\\(),'}+:?®©-]+$
The regex you have specifically allows / and \ (as well as ( and )). Change it like so:
^[\w{.,'}+:?®©-]+$
and keep removing any other characters you don't want to allow either.
In case you're wondering, the construct [...] is called a character class.
You can also use a negated character class like ^[^/\\()~!##$%^&*]*$ to allow any characters except /\()~!##$%^&*.
I would like to query an SQLite table that contains directory paths to find all the paths under some hierarchy. Here's an example of the contents of the column:
/alpha/papa/
/alpha/papa/tango/
/alpha/quebec/
/bravo/papa/
/bravo/papa/uniform/
/charlie/quebec/tango/
If I search for everything under /bravo/papa/, I would like to get:
/bravo/papa/
/bravo/papa/uniform/
I am currently trying to do this like so (see below for the long story of why I can't use more simple methods):
SELECT * FROM Files WHERE Path >= '/bravo/papa/' AND Path < '/bravo/papa0';
This works. It looks a bit weird, but it works for this example. '0' is the unicode code point 1 greater than '/'. When ordered lexicographically, all the paths starting with '/bravo/papa/' compare greater than it and less than 'bravo/papa0'. However, in my tests, I find that this breaks down when we try this:
SELECT * FROM Files WHERE Path >= '/' AND Path < '0';
This returns no results, but it should return every row. As far as I can tell, the problem is that SQLite is treating '0' as a number, not a string. If I use '0Z' instead of '0', for example, I do get results, but I introduce a risk of getting false positives. (For example, if there actually was an entry '0'.)
The simple version of my question is: is there some way to get SQLite to treat '0' in such a query as the length-1 string containing the unicode character '0' (which should sort strings such as '!', '*' and '/', but before '1', '=' and 'A') instead of the integer 0 (which SQLite sorts before all strings)?
I think in this case I can actually get away with special-casing a search for everything under '/', since all my entries will always start with '/', but I'd really like to know how to avoid this sort of thing in general, as it's unpleasantly surprising in all the same ways as Javascript's "==" operator.
First approach
A more natural approach would be to use the LIKE or GLOB operator. For example:
SELECT * FROM Files WHERE Path LIKE #prefix || '%';
But I want to support all valid path characters, so I would need to use ESCAPE for the '_' and '%' symbols. Apparently this prevents SQLite from using an index on Path. (See http://www.sqlite.org/optoverview.html#like_opt ) I really want to be able to benefit from an index here, and it sounds like that's impossible using either LIKE or GLOB unless I can guarantee that none of their special characters will occur in the directory name, and POSIX allows anything other than NUL and '/', even GLOB's '*' and '?' characters.
I'm providing this for context. I'm interested in other approaches to solve the underlying problem, but I'd prefer to accept an answer that directly addresses the ambiguity of strings-that-look-like-numbers in SQLite.
Similar questions
How do I prevent sqlite from evaluating a string as a math expression?
In that question, the values weren't quoted. I get these results even when the values are quoted or passed in as parameters.
EDIT - See my answer below. The column was created with the invalid type "STRING", which SQLite treated as NUMERIC.
* Groan *. The column had NUMERIC affinity because it had accidentally been specified as "STRING" instead of "TEXT". Since SQLite didn't recognize the type name, it made it NUMERIC, and because SQLite doesn't enforce column types, everything else worked as expected, except that any time a number-like string is inserted into that column it is converted into a numeric type.
I'm trying to create a RegEx Validator that checks the file extension in the FileUpload input against a list of allowed extensions (which are user specified). The following is as far as I have got, but I'm struggling with the syntax of the backward slash (\) that appears in the file path. Obviously the below is incorrect because it just escapes the (]) which causes an error. I would be really grateful for any help here. There seems to be a lot of examples out there, but none seem to work when I try them.
[a-zA-Z_-s0-9:\]+(.pdf|.PDF)$
To include a backslash in a character class, you need to use a specific escape sequence (\b):
[a-zA-Z_\s0-9:\b]+(\.pdf|\.PDF)$
Note that this might be a bit confusing, because outside of character classes, \b represents a word boundary. I also assumed, that -s was a typo and should have represented a white space. (otherwise it shouldn't compile, I think)
EDIT: You also need to escape the dots. Otherwise they will be meta character for any character but line breaks.
another EDIT: If you actually DO want to allow hyphens in filenames, you need to put the hyphen at the end of the character class. Like this:
[a-zA-Z_\s0-9:\b-]+(\.pdf|\.PDF)$
You probably want to use something like
[a-zA-Z_0-9\s:\\-]+\.[pP][dD][fF]$
which is same as
[\w\s:\\-]+\.[pP][dD][fF]$
because \w = [a-zA-Z0-9_]
Be sure character - to put as very first or very last item in the [...] list, otherwise it has special meaning for range or characters, such as a-z.
Also \ character has to be escaped by another slash, even inside of [...].
In my requirement a Textbox should allow Alphabets,Numeric s, Special Characters,Special Symbols With at least one Alphabet.
I will try like this but i am not getting.
^\d*[a-zA-Z][a-zA-Z0-9#*,$._&% -!><^#]*$
You may want to have 2 regular expression validators; one for validating the allowed characters, and one for validating that at least on alphabet has been provided. You may be able to get at least one, but this way, you can have two separate validation messages to show the user explaining why the input is wrong.
Just match for special characters until you encounter a letter, then match for everything until the end of the string:
^[0-9#*,$._&% -!><^#]*[a-zA-Z0-9#*,$._&% -!><^#]*$
Use lookaheads :
/^(?=.*[a-zA-Z])[\w#*,$.&%!><^#-]*$/
Edit :
I assume the - is meant as the actual - character and not a range of space to !.
I removed the space character. You can of course add it if you want.
[ -!]
Effectively means :
[ -!] # Match a single character in the range between “ ” and “!”
And I have no idea what that range entails!
$valid-url = "p1=".rawurlencode($_GET['p1'])."&type=".rawurlencode($_GET['type'])."&os=".rawurlencode($_GET['os'])."&price=".rawurlencode($_GET['price'])."&sort=".rawurlencode($_GET['sort'])."&sort_order=".rawurlencode($_GET['sort_order'])."&perpage=".rawurlencode($perpage)."";
i am trying to build the url and pass it to <a href=''..but its throwing escaping problem...can i get some help on this.
You can't use '-' in variable names! Your fixed code is:
$validurl = "p1=".rawurlencode($_GET['p1'])."&type=".rawurlencode($_GET['type'])."&os=".rawurlencode($_GET['os'])."&price=".rawurlencode($_GET['price'])."&sort=".rawurlencode($_GET['sort'])."&sort_order=".rawurlencode($_GET['sort_order'])."&perpage=".rawurlencode($perpage)."";
You should try to name the variable properly - is not allowed in variable names in PHP
Reference:
http://www.php.net/manual/en/language.variables.basics.php
Quote:
Variables in PHP are represented by a dollar sign followed by the name of the variable. The variable name is case-sensitive.
Variable names follow the same rules as other labels in PHP. A valid variable name starts with a letter or underscore, followed by any number of letters, numbers, or underscores. As a regular expression, it would be expressed thus: '[a-zA-Z_\x7f-\xff][a-zA-Z0-9_\x7f-\xff]*'