tags:

views:

1273

answers:

2
Q: 

Notepad++ regular expression find and replace $_REQUEST with $_GET but a more secure

What I am doing is replacing, in a large program, all $_REQUEST['var'] and mysql_escape_string($_REQUEST['var']) with either the 1st or 2nd line below the dotted line.

Now, I have figured out this much of the regular expression but I would like to make it simpler. Instead of having to run the top one first then the 2nd one I would like to just run one all together. I tried this but it did not work.

(mysql_escape_string\()*$_REQUEST\[\'([^']*)\'\]\)(\)*)

So below is what works but again have to do it twice.

$_REQUEST\[\'([^']*)\'\]

mysql_escape_string\($_REQUEST\[\'([^']*)\'\]\)

(isset($_GET['\1'])?mysql_real_escape_string($_GET['\1']):false)

(isset($_POST['\1'])?mysql_real_escape_string($_POST['\1']):false)

============================ Update: Yeah, after some research I figured out that Notepad++ does not support most regular expressions. I guess one additional step can not hurt a person. It's just laziness.

*NOTE: BUT if anyone wants to try feel free to comment. At least it is just 2 steps and not 20.

A: 

I would have said to use this regex:

mysql_escape_string\(\$_REQUEST\['[^']*'\]\)|\$_REQUEST\['[^']*'\]

...but it appears Notepad++ doesn't support alternation (that's the pipe: '|') in regex searches. In fact, there seem to be a lot of basic regex features that aren't supported. This should be a simple task, but I can't get it to work at all in NPP. I don't see how that editor can claim to support regex search at all. (And yes, I know it inherited that feature from SciTE--I'm disappointed in them, too.)

If you want real regex search-and-replace in your editor, I suggest you shell out for EditPad Pro. Its regex flavor is one of the best in existence--in terms of both power and features, I would rate it second only to Perl. Its syntax is highly compatible, too; for example, it supports all of the variations in named-capture syntax found in Perl, Python, PHP and .NET.

Disclaimer: I have no financial or personal stake in EditPad Pro; I just use it and can't imagine life without it. :D

Alan Moore  2009-09-11 02:56:57
Almost all of Notepad++'s features seem to only be half-finished, I don't know how anyone uses that editor.
Chad Birch  2010-05-18 20:30:22
A: 

notepad++ does support alternation, but the alternating terms have to be enclosed in [ ]'s. eg:

(www.mysite.co.uk\/[\/\w]*\/[-.\w]*.[html|css]:)[\s]*.*[/|'|"]([-\w.]*.[gif|jpg|ico]).*

Which is the regex I was working on when I searched for notepad++ and alternation.

**EDIT: Ok, it's not working right, I take it back. It's treating the characters within the []'s as a class.

Tim  2010-07-29 14:53:49

related questions

Passing a commented, multi-line (freespace) regex to preg_match
My regex is matching too much. How do I make it stop?
Using Regex to generate Strings rather than match them
Complexity of Regex substitution
What is the most brilliant regex you've ever used?
RFC calculation in Java need help with algorithm
What did I do wrong here? [Javascript Regex]
How do you use back-references to PCREs in PHP?
Need help writing a regex statement. [PHP]
Regex and unicode
Python Regular Expressions
Question about specific regular expression
Pre-built regular expression patterns or Regex Libraries?
Parsing attributes with regex in Perl
Regex Rejecting matches because of Instr
How do I bind a regular expression to a key combination in emacs?
How do you retrieve selected text using Regex in C#?
Remove Quotes and Commas from a String in MySQL
Regular expression for parsing links from a webpage?
What are good regular expressions?
Why is this regular expression faster?
Learning Regular Expressions
How far should one take e-mail address validation?
How can I get at the matches when using preg_replace in PHP?
Regex: To pull out a sub-string between two tags in a string