Viewed   115 times

I am trying to write a function to clean up user input.

I am not trying to make it perfect. I would rather have a few names and acronyms in lowercase than a full paragraph in uppercase.

I think the function should use regular expressions but I'm pretty bad with those and I need some help.

If the following expressions are followed by a letter, I want to make that letter uppercase.

 ". " (followed by a space)
 "! " (followed by a space)
 "? " (followed by a space)

Even better, the function could add a space after ".", "!" and "?" if those are followed by a letter.

How this can be achieved?


$output = preg_replace('/([.!?])s*(w)/e', "strtoupper('\1 \2')", ucfirst(strtolower($input)));

Since the modifier e is deprecated in PHP 5.5.0:

$output = preg_replace_callback('/([.!?])s*(w)/', function ($matches) {
    return strtoupper($matches[1] . ' ' . $matches[2]);
}, ucfirst(strtolower($input)));
Saturday, November 26, 2022

There are many different approaches to XSS that are secure. The only why to know if your approach holds water is to test though exploitation. I recommend using a Free XSS vulnerability Scanner*, or the open source wapiti.

To be honest I'll never use strip_tags() becuase you don't always need html tags to execute javascript! I like htmlspecialchars($var,ENT_QUOTES); .

For instance this is vulnerable to xss:

print('<A HREF="'.strip_tags($_REQUEST[xss]).'">link</a>');

You don't need <> to execute javascript in this case because you can use onmouseover, here is an example attack:

$_REQUEST[xss]='" onMouseOver="alert(/xss/)"';

The ENT_QUOTES will take care of the double quotes which will patch this XSS vulnerability.

*I am affiliated with this site/service.

Tuesday, September 6, 2022

There's a good answer here:

function toTitleCase(str) {
    return str.replace(/wS*/g, function(txt){
        return txt.charAt(0).toUpperCase() + txt.substr(1).toLowerCase();

or in ES6:

var text = "foo bar loo zoo moo";
text = text.toLowerCase()
    .split(' ')
    .map((s) => s.charAt(0).toUpperCase() + s.substring(1))
    .join(' ');
Monday, October 24, 2022

You can use the following substitution:

  • < matches the start of a word
  • . matches the first character of a word
  • u tells Vim to uppercase the following character in the substitution string (&)
  • & means substitute whatever was matched on the left-hand side
  • g means substitute all matches, not only the first
Tuesday, November 15, 2022

You're looking for .val():



Friday, October 28, 2022
Only authorized users can answer the search term. Please sign in first, or register a free account.
Not the answer you're looking for? Browse other questions tagged :