-1

I am trying to find the script tag, both open() and close(), in my PHP string. Please find my code below.

public function custom_xss_clean($str){
  if(!preg_match('/(<\/?)(script|html)(>*)/i', $str)){
       return true;
  } else {
    $this->form_validation->set_message('custom_xss_clean','The %s field invalid');
    return false;
  }
}

This code works fine in an online tool, but not in my code, for the string

<script>alert(10)</script>

I have tried so many patterns but no luck. Please help, thanks in advance.

Sahil Gulati
Arjun Choudhary
  • 1. Parsing HTML using a regex is generally not a very good idea and 2. you can also use JavaScript in HTML attributes, so this is kind of pointless / not nearly enough. – jeroen Sep 13 '17 at 09:40
  • Thanks for the quick reply, Sahil, but I am doing it for CodeIgniter validation. I have created a callback custom_xss_clean(), since CI no longer supports XSS_CLEAN. – Arjun Choudhary Sep 13 '17 at 09:47
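
As an added example (not code from the question, its comments or its answers): the question's pattern run side by side with output encoding via htmlspecialchars(), over constructed sample inputs, to show what a tag blacklist accepts and rejects compared with escaping at output time. The function names `blacklist_passes`, `escape_for_html` and `compare`, and the sample strings, are assumptions made for illustration.

```php
<?php
// Added example: tag blacklist (from the question) versus output encoding.

// Constructed sample field values.
$samples = [
    '<script>alert(10)</script>',          // the string from the question
    '<img src="x" onerror="alert(10)">',   // script in an attribute, no <script> tag
    'Put the <script> element last',       // ordinary text that mentions a tag
    'Tom & Jerry <3',                      // ordinary text with special characters
];

// The question's check as a pure function: true means "accepted as clean".
function blacklist_passes(string $str): bool
{
    return !preg_match('/(<\/?)(script|html)(>*)/i', $str);
}

// Encode for an HTML text node or a quoted attribute value.
// ENT_QUOTES covers both quote styles; ENT_SUBSTITUTE replaces invalid
// UTF-8 sequences instead of returning an empty string.
function escape_for_html(string $str): string
{
    return htmlspecialchars($str, ENT_QUOTES | ENT_SUBSTITUTE | ENT_HTML5, 'UTF-8');
}

// Build one row per sample so the two approaches can be compared.
function compare(array $samples): array
{
    $rows = [];
    foreach ($samples as $s) {
        $rows[] = [
            'input'     => $s,
            'blacklist' => blacklist_passes($s) ? 'accepted' : 'rejected',
            'escaped'   => escape_for_html($s),
        ];
    }
    return $rows;
}

foreach (compare($samples) as $row) {
    printf("input:     %s\nblacklist: %s\nescaped:   %s\n\n",
        $row['input'], $row['blacklist'], $row['escaped']);
}
```

Run it with the PHP CLI. The escaped column is what would be written into the page, so every sample, whether the blacklist accepted it or not, is rendered as inert text.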

2 Answers

0

You mean you want to get everything between script tags?

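<?php
    // Capture the contents of every tag pair; the U flag makes (.*) non-greedy.
    preg_match_all("|<[^>]+>(.*)</[^>]+>|U", "<script>example: </script><div align=left>this is a test</div>", $out, PREG_PATTERN_ORDER);
    // $out[0] holds the full matches, $out[1] the text between the tags.
    // Escape the dump so the matched tags are shown as text, not interpreted by the browser.
    echo '<pre>', htmlspecialchars(print_r($out, true)), '</pre>';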

If you are looking for xss_clean in CodeIgniter, then follow this link: click

Imran Ali
0

Try this:

preg_match('/<script>[a-zA-Z0-9 \. \n \t\r \* \\ \* ~`!@#$%^&*()-_+={}\[\]\'":;?\/><.,|]*<\/script>/', $str);

I have tested it; you can also check it live: https://regex101.com/r/ih2C3F/1/

Vijay Sharma