Sanitize query using preg_replace but allow some special characters
I am sanitizing a query using the following regex. However, I need some special characters to be allowed in the query.
In particular I need to allo开发者_运维技巧w: Ä, ä, Ö, ö, Ü, ü, ß
What do I need to change to achieve this?
$query = preg_replace('/[^-a-zA-Z0-9_\/]/', '', $_GET['destination']);
/[^\w-\p{L}\p{N}\p{Pd}]/
This will match anything that's NOT an alphanumeric character (including UTF-8 letters) as well as the dash (-).
Your question is really about how to support multibyte characters in preg expressions, see:
- Are the PHP preg_functions multibyte safe?
- preg_match and UTF-8 in PHP
精彩评论