Dave Goodchild wrote:
This is what I use:

$site = (!preg_match('#^http://#', $_PST['c_site'])) ?
raw_param(trim(strip_tags("http:\/\/" . $_PST['c_site']))) :
raw_param(trim(strip_tags($_PST['c_site'])));

this is much better: http://php.net/parse_url

don't worry about raw_param, that's a function of my own, but you get the
idea.

wouldn't it have been less hassle to delete the raw_param() call than
to try and explain it's existence?

Dave Goodchild wrote:
Wouldn't it have been less hassle to not send that comment when all I
was doing was trying to help, am pressed for time, and copied and pasted
my solution?

no hassle on my part. :-D

I doubt you want me to point out that you original
comment that I commented on and the reply thereof
you sent both constitute a greater waste of your time
(and less confusion on the part of the P) than if you had
just removed the 'raw_param' from your original code snippet),
given that your so 'pressed for time' (which is, in essence, nothing more
than a state of mind).

"do or do not, there is no try" said the funnny, little green man.

1/26/07, * Jochem Maas* <jochem (AT) iamjochem (DOT) com
<mailto:jochem (AT) iamjochem (DOT) com>wrote:

Dave Goodchild wrote:
This is what I use:

$site = (!preg_match('#^http://#', $_PST['c_site'])) ?
raw_param(trim(strip_tags("http:\/\/" . $_PST['c_site']))) :
raw_param(trim(strip_tags($_PST['c_site'])));

this is much better: http://php.net/parse_url

don't worry about raw_param, that's a function of my own, but you
get the
idea.

wouldn't it have been less hassle to delete the raw_param() call than
to try and explain it's existence?

Fri, January 26, 2007 8:10 am, Corden James (RW3) CM&MC Manchester
wrote:
I have a form in which users submit a url. I am having problems as
some
people submit the url in the format http://www.blah.blah.org
<http://www.blah.blah.org/while others submit in the format
www.blah.blah.org <http://www.blah.blah.org/I have designed the
form
so that it seems fairly obvious (to me anyway) not to include the
http:// but people are still doing it (presumably because they are
copying and pasting from a browser). My form processing script is
designed to add http:// to the submitted url and place the modified
url
in a database for future use. As you can imagine sometimes I end up
with
urls such as
<http://http:/www.blah.blah.orgin my database. Hence I need a more
rigorous form processing script that is capable of first checking if
the
url includes http:// and then processes accordingly. Can anyone point
me
in the right direction for such a script?

Perhaps you could do this:
if (strtolower(substr($input, 0, 7)) 'http://') $input =
substr($input, 7);

What I tend to do, however, is just check on output:
if (!stristr($link, 'http://')) $link = "http://$link";

Yes, this means that I may be re-doing the operation a zillion times
at output instead of once at input, but it also means that users
aren't miffed that I took their URL and "changed" it out from under
them when they go back to edit it.

There is also the nifty http://php.net/parse_url which might be smart
enough to default to 'http://' and then you could assemble the URL.

Depends how funky the URLs might get -- Mine are always just
homepages, so don't have much in the way of weird complex URL issues
like #fragment or GET parameters.

other suggestion:

You could use http://php.net/fopen to find out if the link is valid at
the time of input.

This will slow down input considerably, but can help catch typos in URLs.

You could even go so far as to "read" the beginning of the HTML and
see if there is a TITLE tag, and present that to the user to confirm
it's the page they meant

Though there's an awful lot of bad HTML out there with no title tag.
:-( So then you need an extra check for that, and a fallback like the
first non-tag line of the body or the META description if it's there
or

This presumes allow_url_fopen is "on" in php.ini, which might not be
true for security reasons.

Hello,

on 01/26/2007 12:10 PM Corden James (RW3) CM&MC Manchester said the
following:
I have a form in which users submit a url. I am having problems as some
people submit the url in the format http://www.blah.blah.org
<http://www.blah.blah.org/while others submit in the format
www.blah.blah.org <http://www.blah.blah.org/I have designed the form
so that it seems fairly obvious (to me anyway) not to include the
http:// but people are still doing it (presumably because they are
copying and pasting from a browser). My form processing script is
designed to add http:// to the submitted url and place the modified url
in a database for future use. As you can imagine sometimes I end up with
urls such as
<http://http:/www.blah.blah.orgin my database. Hence I need a more
rigorous form processing script that is capable of first checking if the
url includes http:// and then processes accordingly. Can anyone point me
in the right direction for such a script?

I use a solution for that a lot of times that consists on using regular
expressions to fill eventually missing characters in the URL.

I use a popular forms generation and validation class that allows me to
replace string patterns. It works on client side with Javascript and
also on server side with the class itself. When using this class, you do
not need to know any Javascript. Just define how you want to replace the
string value patterns.

Here you may find a live example form that demonstrates that:

See the test_form.php example form script to see how it works in action.

, here you may find a tutorial video that explains all the features
demonstrated by that example: