During the preparation for my Zend Certification, I found Regular Expressions to be one of those topics that I had a difficult time wrapping my head around. Recently, due to a project at work, I have been exploring the power of RegEx. Throughout my research, I’ve found some pretty cool expressions, as well as some very useful tools.

Removing All HTML Tags

Unlike PHP, ColdFusion does not have a strip_tags function. Luckily, as I discovered, the RegEx to strip HTML tags is not complicated.

<cfscript>
content = '<div>Tacos</div><div>Burritos</div><div>Tostadas</div>';
content = REReplaceNoCase(content,'<[^>]*>','','all');
</cfscript>
<cfdump var="#content#">

Let’s take a look at the expression itself. The key portion is ‘[^>]*’. The brackets are special characters that set apart that section of the expression. Inside the brackets we have ^>. The ^ is a special character that means ‘not’. So the brackets tell us we’re looking for ‘not >’. Next, we have the special character *, which means 0ne or more. Knowing this we can now read the entire expression to say ’starts with < then has 0ne or more characters that are not > and ends with >’.

In PHP the equivalent code would look like this:

<?php
$content = '<div>Tacos</div><div>Burritos</div><div>Tostadas</div>';
$content = strip_tags($content);
echo $content;
?>

Retrieving Content from an HTML Tag

Instead of needing to remove tags, I have found myself needing to retrieve the content of a specific tag. In this example, we will look at retrieving the content of the title tag on a page.

First we’re going to look at a ColdFusion example:

<cfscript>
str = "<title>Ricky Delicious Mexican Food</title>";
arrTitle = REMatchNoCase('<title>.*(?=</title>)',str);
if(NOT ArrayIsEmpty(arrTitle)) {
test = ReplaceNoCase(arrTitle[1], '<title>', '');
}
</cfscript>
<cfdump var="#test#">

The first part of the expression says “Starts with <title>” and then we encounter the special character ‘.’. This will match any character except a newline ‘\n’. We then see the familiar * character. Which means we’re matching ‘any character except newline for zero or more times’. We then character a sequence in () which means these are ‘grouped’. Next we have a the character sequence ‘?=’ which means this is a look ahead. A look ahead is a character sequence which we will end our match immediately before. So if we read this expression it says “Start with <title> then match any character but newlines on or more times and end immediately before <title>. Next we strip <title> from the returned string.

Now let’s take a look at this code in PHP:

<?php
$str = "<title>Ricky's Delicious Mexican Food";
if(preg_match( "/(?<=<title>).*?(?=<\/title>)/i", $str, $matches)) {
$title = $matches[0];
}
echo $title;
?>

I’m using preg_match, which uses PERL syntax. The key thing to note about the differences in expressions is the availability of ‘look behinds’ in PHP. A look behind is the exact opposite of a look ahead. It says “Start immediately after <title>”. This is why we can simply get the match and not have to strip the beginning tag. ColdFusion currently does not support look behinds, but I hope that in the future they add this functionality.

Useful Tools:

http://www.regextester.com/

I find this site very useful because it allows me to test my RegEx in real time. This saves me the time of making a change in the code and refreshing constantly.

http://www.addedbytes.com/cheat-sheets/regular-expressions-cheat-sheet/

I’m a rather big fan of ‘cheat sheets’. It’s helpful to have one of these around whenever I find myself stuck.

b4 u use the values in your script, u need to check the variables to make sure they contain what u expect ‘em to contain! Thus never trust info from user.

Checking for empty fields:

u can require the user to enter info in a field and check when the user didn’t and let him back to re-fill that field using:

empty($_POST['field_name']);

this function returns true if the field is empty,,, false otherwise !

Checking for specific format:

u can check using some built in functions like if u expect string, u can check using is_string and so on… for a table of these functions c this previous post Changing the order of statement execution

Using regular expressions to check user input:

u can aslo compare the info to a pattern to c if it matches if u care a lot about the information pattern using ereg function … for more in this ,,, check this previous post: pattern matching with regular expressions

Cleaning information:

• strip_tags: this function removes all tags from the text, u can keep some tags:

$variable_name = strip_tags($_POST)['field_name'],”<tag u allow> <tag u allow>“);

• htmlspecialchars: this function changes some special characters to HTML into HTML format that allow ‘em to display without any special meaning

Examples: < become &alt;

? become &gt;

and & become &amp;

$variable_name= htmlspecialchars($_POST)['field_name']);

• trim: remove extra spaces at the beginning and the end of the field info, bcz it’s familiar that user enter spaces by mistake.

$variable_name= trim($_POST)['field_name']);

Example:

in this example, i will use the same forms in the previous post but i will check for three fields (first name, second name and last name) not to keep blank ,,, if so … the user will be asked to re-fill ‘em …. if they r not blank , then it will output the same information in that example….

Building the forms code:

<br><center><h2> Customer information </h2></center>
<br><br>

<center>
<table border=”0″>
<form action=”customer_info.php” method=”POST”>
<tr> <td> First name:</td> <td> <input type=”text” name=”first_name”></td></tr>
<tr> <td>Second name: </td> <td> <input type=”text” name=”second_name”> </td></tr>
<tr><td>Last name: </td> <td> <input type=”text” name=”last_name”></td> </tr>
<tr><td> Street Address:</td><td> <input type=”text” name=”st_address”></td> </tr>
<tr><td> City:</td><td>
<select name=”city”
<option> Amman </option>
<option> Aqaba </option>
<option> Irbd </option>
<option> Zarqa </option>
</td> </tr>
<tr><td>Sex: </td><td>
<input type =”radio” name=”Radio1″ value= “M” > Male
<input type =”radio” name=”Radio1″ value= “F”> Female
</td></tr>
<tr><td>Your Operating system: </td><td>
<input type= “checkbox” name=”os0″ value=”W”> Windows
<input type= “checkbox” name=”os1″ value=”L”> Linux
<input type= “checkbox” name=”os2″ value=”M”> Mac
</td></tr>
</table><br>

<input type=”submit” value=”submit name”>
</form>

the customer info code:

<?php

function set_sex(){
if ($_POST[Radio1]==”M”) {
$sex= “Male”;
}
else
{
$sex= “Female”;}
}

function print_info()
{

echo “Welcome “,$_POST['first_name'],”!<br>”;
echo “Your second name is: “,$_POST['second_name'];
echo “<br>Your last name is: “,$_POST['last_name'];
echo “<br>”;
echo “you are “, $sex;
echo ” living in: “, $_POST[city];
echo “  in the “, $_POST[st_address],” Street”;
echo “<br>and your operating systems are: <br>”;

if (isset($_POST['os0'])) {
echo “Windows<br>”;
}

if (isset($_POST['os1'])) {
echo “Linux<br>”;
}

if (isset($_POST['os2'])) {
echo “Mac<br>”;
}
return;
}

function blank_check(){
if (empty($_POST['first_name']))
{
echo “You didn’t enter your first name! <br>”;
$blank_check_var = TRUE;
}

if (empty($_POST['second_name']))
{
echo “You didn’t enter your second name! <br>”;
$blank_check_var = TRUE;
}

if (empty($_POST['last_name']))
{
echo “You didn’t enter your last name! <br>”;
$blank_check_var = TRUE;
}

return $blank_check_var;

}

//main
set_sex();
$check_var= blank_check();
if (!$check_var){
print_info();
}

?>

The output after leaving the first name blank is:

You didn’t enter your first name!

The output after leaving the first and second name blank is:

You didn’t enter your first name!
You didn’t enter your second name!

The output after leaving the first, second and last name blank is:

You didn’t enter your first name!
You didn’t enter your second name!
You didn’t enter your last name!

Source to download: http://mustafaturan.net/download/lectures/csharp/strip_tags_csharp.txt

// as a namespace do not forget to add: using System.Text.RegularExpressions;
static string strip_tags(string str, string allowed_tags)
{
/*
// Coder: Mustafa Turan
// Date: 05.09.2008
// Contact:
// http://mustafaturan.net/
// http://mustafaturan.wordpress.com/
// wm [ #at# ] mustafaturan.net
// Licence: GNU and MIT Licence
// EXAMPLES
// —>     function call1: strip_tags(“<a href=\”asdadsadsad.html\”>doctor</a> <p>pirasa</p> <img src=\”asd.jpg\” /> <h1>hey you</h1>”, “<a>,<p>,<img />”)
// —>     result: <a href=”">doctor</a> <p>pirasa</p> <img src=”asd.jpg” /> hey you
// —>     function call2: strip_tags(“<a href=\”asdadsadsad.html\”>doctor</a> <p>pirasa</p> <img src=\”asd.jpg\” /> <h1>hey you</h1>”, “”)
// —>     result: doctor pirasa hey you
*/

// START
// pattern for getting all tags
string pattern_for_all_tags = “</?[^><]+>”;

// pattern for allowed tags
string allowed_patterns = “”;
if(allowed_tags!=”"){
// get allowed tags if any exists
Regex r = new Regex(“[\\/<> ]+”);
allowed_tags = r.Replace(allowed_tags,”");
string[] allowed_tags_array = allowed_tags.Split(‘,’);
foreach (string s in allowed_tags_array)
{
if (s == “”) continue;
// Definin patterns
string p_1 = “<” + s + ” [^><]*>$”;
string p_2 = “<” + s + “>”;
string p_3 = “</” + s + “>”;
if(allowed_patterns!=”")
allowed_patterns += “|”;
allowed_patterns += p_1 + “|” + p_2 + “|” + p_3;
}
}

// Get all html tags included on string
Regex strip_tags = new Regex(pattern_for_all_tags);
MatchCollection all_tags_matched = strip_tags.Matches(str);

if (allowed_patterns != “”)
foreach (Match m in all_tags_matched)
{
Regex r_1 = new Regex(allowed_patterns);
Match m_1 = r_1.Match(m.Value);
if (!m_1.Success)
{
// if not allowed replace it
str = str.Replace(m.Value, “”);
}
}
else
// if not allow anyone replace all
str = strip_tags.Replace(str, “”);
return str;
}

Am scris un mic articolas cu o functie similara lui Strip_Tags() din PHP pe care bajetii de la ASP.NET au cam ratat-o. Am scris metoda (“functia”) in C#. La testele de viteza a iesit destul de bine : cam 6 microsecunde pe un HTML de 25kb pe Intel Core Duo 1,83GHz si 1GB RAM.

Puteti vedea intregul articol (in engleza) pe CodeProject aici.