Regular expression
on 25.04.2007 11:55:30 by php
Hey all!
I'm in panic! I need a regex that returns true on strings containing
both 'update' and 'where 1 = 1'. Both must be case insensitive and there
might be spaces between the 1's and the '=', and there might not..
Some nitwit chose to build the database functions of the site I'm
working on so that if there's no where-statement, it goes with where 1 =
1.. Problem is, I have no access to the class library, except the
sqlExecute-function... so I need to protect it all from there. Also, I
have absolutely NO time whatsoever to learn regexes, since this shit
empties the table fields every half hour or so.
I'd really appreciate someone writing the perfect regex for me.
Thanks!
Mike
--
PHP Windows Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php
Re: Regular expression
on 25.04.2007 12:05:48 by Kevin Smith
Here's a very simple one I just knocked out in a few seconds:
<?php
// The "i" after the pattern delimiter indicates a case-insensitive search
$SQLString = 'update atable set foobar=1 where 1=1';
if (preg_match("/update.*1(\s)?\=(\s)?1/i", $SQLString)) {
    echo "A match was found.";
} else {
    echo "A match was not found.";
}
?>
Mikael Grön wrote:
> Hey all!
>
> I'm in panic! I need a regex that returns true on strings containing
> both 'update' and 'where 1 = 1'. Both must be case insensitive and
> there might be spaces between the 1's and the '=', and there might not..
> Some nitwit chose to build the database functions of the site I'm
> working on so that if there's no where-statement, it goes with where 1
> = 1.. Problem is, I have no access to the class library, except the
> sqlExecute-function... so I need to protect it all from there. Also, I
> have absolutely NO time whatsoever to learn regexes, since this shit
> empties the table fields every half hour or so.
>
> I'd really appreciate someone writing the perfect regex for me.
> Thanks!
>
> Mike
>
Re: Regular expression
on 25.04.2007 12:08:49 by Kevin Smith
A little more precise to what you asked for:
<?php
// The "i" after the pattern delimiter indicates a case-insensitive search
$SQLString = 'update atable set foobar=1 where 1=1';
//$SQLString = 'update atable set foobar = 1 where 1 = 1';
if (preg_match("/update.*where\s1(\s)?\=(\s)?1/i", $SQLString)) {
    echo "A match was found.";
} else {
    echo "A match was not found.";
}
?>
Mikael Grön wrote:
> Hey all!
>
> I'm in panic! I need a regex that returns true on strings containing
> both 'update' and 'where 1 = 1'. Both must be case insensitive and
> there might be spaces between the 1's and the '=', and there might not..
> Some nitwit chose to build the database functions of the site I'm
> working on so that if there's no where-statement, it goes with where 1
> = 1.. Problem is, I have no access to the class library, except the
> sqlExecute-function... so I need to protect it all from there. Also, I
> have absolutely NO time whatsoever to learn regexes, since this shit
> empties the table fields every half hour or so.
>
> I'd really appreciate someone writing the perfect regex for me.
> Thanks!
>
> Mike
>
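The check this thread asks for, as an added example that is not part of any of the posts: a tightened guard compared with the two posted patterns on statements with extra whitespace, newlines, and look-alike text. The names isUnscopedUpdate and UNSCOPED_UPDATE are hypothetical, the sample statements are constructed, and it assumes that a statement with a real condition after the tautology (such as "where 1=1 and id=7") is scoped and should pass.

```php
<?php
// Added example, not code from the thread. Names below are hypothetical.
// Tightened pattern, piece by piece:
//   ^\s*update\b     the statement itself is an UPDATE
//   .*\bwhere\s+     anything, then WHERE ("s" flag lets "." cross newlines)
//   1\s*=\s*1        the tautology, any amount of whitespace around "="
//   (order by|limit ...)? ;? \s* $   no further condition follows it
const UNSCOPED_UPDATE =
    '/^\s*update\b.*\bwhere\s+1\s*=\s*1\s*(?:(?:order\s+by|limit)\b.*)?;?\s*$/is';

// True when $sql is an UPDATE whose whole WHERE clause is "1 = 1".
// Call it on the statement before handing it to sqlExecute.
function isUnscopedUpdate($sql)
{
    return preg_match(UNSCOPED_UPDATE, $sql) === 1;
}

// The two patterns posted in the replies, unchanged, for comparison.
$patterns = [
    'reply 1' => '/update.*1(\s)?\=(\s)?1/i',
    'reply 2' => '/update.*where\s1(\s)?\=(\s)?1/i',
];

// Constructed statements: [SQL, should it be blocked?]
$samples = [
    ['update atable set foobar=1 where 1=1',           true],
    ["UPDATE atable SET foobar = 1\n WHERE  1  =  1;", true],  // newline, double spaces
    ['update atable set foobar=1 where 1=10',          false], // 1=10 is not 1=1
    ['update atable set a1=1 where id=5',              false], // "a1=1" in SET list
    ['update atable set foobar=1 where 1=1 and id=7',  false], // assumed scoped
];

foreach ($samples as [$sql, $shouldBlock]) {
    $verdicts = ['tightened' => isUnscopedUpdate($sql)];
    foreach ($patterns as $name => $pattern) {
        $verdicts[$name] = preg_match($pattern, $sql) === 1;
    }
    echo json_encode($sql), ' expected=', var_export($shouldBlock, true);
    foreach ($verdicts as $name => $hit) {
        echo '  ', $name, '=', var_export($hit, true);
    }
    echo PHP_EOL;
}
```

A pattern check of this kind only stops the one statement shape it describes; a statement the class library builds differently passes through unchecked.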