Is there a good way of test if a string is a regex or normal string in PHP?
Ideally I want to write a function to run a string through, that returns true or false.
I had a look at preg_last_error():
<?php
preg_match('/[a-z]/', 'test');
var_dump(preg_last_error());
preg_match('invalid regex', 'test');
var_dump(preg_last_error());
?>
Where obviously first one is not an error, and second one is. But preg_last_error() returns int 0 both times.
Any ideas?
The simplest way to test if a string is a regex is:
if( preg_match("/^\/.+\/[a-z]*$/i",$regex))
This will tell you if a string has a good chance of being intended to be as a regex. However there are many string that would pass that check but fail being a regex. Unescaped slashes in the middle, unknown modifiers at the end, mismatched parentheses etc. could all cause problems.
The reason preg_last_error returned 0 is because the "invalid regex" is not:
track_errors worked!
/ delimiters.
Commented
Mar 4, 2016 at 18:34
Here is a good answer how to:
https://stackoverflow.com/a/12941133/2519073
if(@preg_match($your_pattern, '') === false){
//pattern is broken
}else{
//pattern is real
}
track_errors is deprecated with PHP 7.2
Commented
Feb 4, 2021 at 21:39
@ mutes it anyway, but I wouldn't rely on it): 3v4l.org/5YI6t
Commented
Dec 5, 2023 at 20:49
The only easy way to test if a regex is valid in PHP is to use it and check if a warning is thrown.
ini_set('track_errors', 'on');
$php_errormsg = '';
@preg_match('/[blah/', '');
if($php_errormsg) echo 'regex is invalid';
However, using arbitrary user input as a regex is a bad idea. There were security holes (buffer overflow => remote code execution) in the PCRE engine before and it might be possible to create specially crafted long regexes which require lots of cpu/memory to compile/execute.
Why not just use...another regex? Three lines, no @ kludges or anything:
// Test this string
$str = "/^[A-Za-z ]+$/";
// Compare it to a regex pattern that simulates any regex
$regex = "/^\/[\s\S]+\/$/";
// Will it blend?
echo (preg_match($regex, $str) ? "TRUE" : "FALSE");
Or, in function form, even more pretty:
public static function isRegex($str0) {
$regex = "/^\/[\s\S]+\/$/";
return preg_match($regex, $str0);
}
This doesn't test validity; but it looks like the question is Is there a good way of test if a string is a regex or normal string in PHP? and it does do that.
/. E.g. ``#/some/path/#` is a valid regex using hash marks, which is very common when matching paths. And since it's using regex matching anyway, might as well go with the false-return approach.
Commented
Dec 5, 2023 at 20:38
Since regex must be always surrounded only with one of three boundary characters /, @, #, and trailing characters may only be allowed modifiers, we can use quick test:
if (preg_match('/^[\/@#](.+)[\/@#imsxADSUXJun]+$/', $pattern, $match) ){
// .. do stuff, $match[0] contains full regex
}
This does not guarantee proper REGEX syntax in any way, but helps with quick detection.
'invalid regex'is a valid regex - in fact, any string that doesn't involve the regex special characters will be a valid regex. Try'['instead.'['is not a valid regex, therefore not all strings are valid regexs.'invalid regex'is actually not a valid regex, PHP returnsWarning: preg_match() [function.preg-match]: Delimiter must not be alphanumeric or backslash in D:\xampp\htdocs\overheard\test.php on line 5.