-2

i am trying to check if a string is empty by doing the following

if trim(somestring) = '' then
begin
//that an empty string
end

i am doing this empty check in my client application , but i notice that some clients inserts empty strings even with this check applied .

on my Linux server side those empty chars showing as squares and when i copy those chars i can be able to bypass the empty string check like the follwing example

 ‍‍‍

if you copy this empty chars the check will not be effected how can i avoid that ?

Vlark.Lopin
  • 762
  • 10
  • 21
  • Try somestring.IsEmpty – Vancalar Mar 16 '17 at 00:11
  • also bypassed . and this chars can make serious vulnerability – Vlark.Lopin Mar 16 '17 at 00:18
  • 2
    You've pasted a blank space, which would not pass the Trim function. Therefore, you've not posted your actual code or input. Trim removes leading and trailing spaces, and what you've pasted in is a simple #32 space character. It's not even a Unicode character, but a simple ASCII #32. I verified this in 10.1 Berlin by simply writing `WriteLn(Length(Trim(' '));`, pasting in the character you pasted between the two ' ' characters, and got an output of 0. I then had it output `StrToInt(Ord(' '))`, again pasting in the character you posted, and got 32. – Ken White Mar 16 '17 at 00:18
  • Uhm And : length(somestring)=0 – Vancalar Mar 16 '17 at 00:20
  • @Vancalar length = 3 . – Vlark.Lopin Mar 16 '17 at 00:21
  • @KenWhite i tested this chars in a plain empty project without any extra codes and the trim were not detected any empty space – Vlark.Lopin Mar 16 '17 at 00:23
  • @KenWhite then i should check if #32 is exist in the string then stripped it out ? – Vlark.Lopin Mar 16 '17 at 00:24
  • No. Trim already does that, so the problem is not as you claim. I've shown you that `Length(Trim(YourChar))` returns zero, which means Trim removed the character. I've also shown you how to see what the actual value of the character is on your system. Did you even read my last comment? – Ken White Mar 16 '17 at 00:27
  • the length on my test gives 3 not 0 , also the font in my os character map is system . – Vlark.Lopin Mar 16 '17 at 00:49
  • as example charter code 0xFD – Vlark.Lopin Mar 16 '17 at 01:30
  • That's not what you posted here. Trim only removes whitespace characters (eg., tabs and spaces), which is explained in the documentation for that function. $FD is clearly not whitespace. How are your users inputting that value? It's clearly not on the keyboard. – Ken White Mar 16 '17 at 01:35
  • they simply double click on that empty char and they press ctrl+c then in the program they do ctrl+v then they can use that chars – Vlark.Lopin Mar 16 '17 at 01:41
  • So now you know that Trim is not bypassed and what character you need to remove from the string, right? Do you still have a question? (And if you remove the invalid character, it won't be there for them to copy/paste, right?) – Ken White Mar 16 '17 at 02:40
  • 0xFD would be ý (LATIN SMALL LETTER Y WITH ACUTE) in Unicode. 0xFE could be part of a UTF-16 byte order mark. 0xA0 is non-breaking space - equivalent to   in HTML – Gerry Coll Mar 16 '17 at 05:34

2 Answers2

5

Your code is working correctly and the strings are not empty. An empty string is one whose length is zero, it has no characters. You refer to empty characters, but there is no such thing. When. your system displays a small empty square that indicates that the chosen font has no glyph for that character.

Let us assume that these strings are invalid. In that case the real problem you have is that you don't yet fully understand what properties are required for a string to be valid. Your code is written assuming that a string is valid if it contains at least one character with ordinal value greater than 32. Clearly that test is not correct. You need to step back and work out the precise rules for validity. Only when these are clear in your mind can you correct you program and check for validity correctly.

On the other hand perhaps these strings are valid and the mistake is simply that you are erroneously determining otherwise when you inspect the data. Only you can know this, we don't have the information.

A useful technique in all of this is to inspect the ordinal values of the strings. Loop through the characters printing the ordinal value of each one. That allows you to see what is really there and not be at the mercy of non-printing characters, characters with no glyph, invalid encodings, etc.

David Heffernan
  • 601,492
  • 42
  • 1,072
  • 1,490
  • thats gives me the idea of looping through the length of the chars and check the char code to detect the unwanted chars . Thank you very much – Vlark.Lopin Mar 16 '17 at 16:11
1

Since Trim is pretty simple function, it omits only characters with less than or equal dec 32 in ASCII table

( Sample from System.SysUtils.pas )

while S.Chars[L] <= ' ' do Dec(L);

Therefore it's possible that You just can't see some exotic chars ( > ASCII 128) due to bad encoding used with Your input string. try to use :

StrToInt(Ord(SomeChar)) On every char that is not "trimmed" and remove them by hand or check Your encoding.

Kind Regards

Vancalar
  • 963
  • 1
  • 7
  • 15
  • i tested with a tedit control i think the chars posted in here were have the wrong encoding. open your charter map in your os select the font called system copy the empty letter at the end of the character map letters as example charter code 0xFD – Vlark.Lopin Mar 16 '17 at 01:42
  • kinda close to the actual programmatically idea – Vlark.Lopin Mar 16 '17 at 16:13