Allow users to post url link in bio with Laravel and mysql
The question is: how do I safely allow users to submit a url link or several url links in their bio, then output it to the view, similar to how Instagram allows in their bios? I'm thinking of maybe doing some sort of regular expression, search the bio text and output to view, but don't know how to safely do it without compromising my site's security:
I'm saving the bio in my users table as varchar with a length of 255
I'm validating then saving to my database like so:

    $this->validate($request, [
        'name' => 'regex:/^[\pL\s]+$/u|max:20', // change to allow numbers also July 14/16
        'bio' => 'max:1000',
    ]);

then saving to db

    if ($request->has('bio')) {
        $user->bio = $request->input('bio');
        $user->save();
    }
Source: https://stackoverflow.com/questions/39155873
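One way to do what the question asks, as an added example that is not part of the original post or its answer: store the bio as plain text, HTML-escape all of it at output time, and turn only `http`/`https` URLs with a host into links. `linkifyBio` and `esc` are hypothetical helper names, and the sample bio is constructed.

```php
<?php
// Added example, not from the original post. linkifyBio() and esc() are
// hypothetical helper names (plain PHP, no Laravel API involved).

function esc(string $s): string
{
    // ENT_QUOTES escapes both quote types; ENT_SUBSTITUTE survives bad UTF-8.
    return htmlspecialchars($s, ENT_QUOTES | ENT_SUBSTITUTE, 'UTF-8');
}

function linkifyBio(string $bio): string
{
    // Split on URL candidates and keep them: even indexes are plain text,
    // odd indexes are candidates. Every piece is escaped exactly once.
    $parts = preg_split('~(https?://[^\s<>"\']+)~iu', $bio, -1, PREG_SPLIT_DELIM_CAPTURE);
    if ($parts === false) {
        return nl2br(esc($bio)); // regex failed (e.g. invalid UTF-8): no links
    }
    $html = '';
    foreach ($parts as $i => $part) {
        if ($i % 2 === 0) {
            $html .= esc($part);
            continue;
        }
        // Keep sentence punctuation after a URL out of the link target.
        $trail = '';
        if (preg_match('~[.,;:!?)]+$~', $part, $m)) {
            $trail = $m[0];
            $part = substr($part, 0, -strlen($trail));
        }
        // Allowlist the scheme and require a host; anything else stays text.
        $scheme = strtolower((string) parse_url($part, PHP_URL_SCHEME));
        $host = parse_url($part, PHP_URL_HOST);
        if (in_array($scheme, ['http', 'https'], true) && is_string($host) && $host !== '') {
            $url = esc($part);
            $html .= '<a href="' . $url . '" rel="nofollow noopener noreferrer" target="_blank">' . $url . '</a>';
        } else {
            $html .= esc($part);
        }
        $html .= esc($trail);
    }
    return nl2br($html);
}

// Constructed sample bio: markup, a non-http scheme, and one real link.
$bio = "Dev & photographer <b>hi</b>\njavascript:alert(1) https://example.com/a?x=1&y=2.";
echo linkifyBio($bio), PHP_EOL;
```

The return value is already escaped HTML, so in a Blade view it goes through the unescaped echo, `{!! linkifyBio($user->bio) !!}`; the raw `$user->bio` itself should still only ever be printed with `{{ }}`.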
Best answer
You can use the following regex replacement:
Find what: \h+(\S+)$ Replace with: ,\1
See the regex demo.
Details
- \h+ - 1 or more (+) repetitions of any horizontal whitespaces (\h)
- (\S+) - Capturing group 1: any one or more chars other than whitespace (\S)
- $ - end of a line.
The ,\1 replacement replaces the matched text with a comma and the contents of Group 1.