PHP Form Validation - Deprecated Function eregi()

Question

I've just raised a separate question on a problem with an enquiry form that had a deprecated eregi PHP function. Unfortunately, there's another file I missed that validates the form which is riddled with them :(

Here's the code below:

   /* ERRORS */
    function error($str) // private
    {
        $this->error = true;
        $this->error_string .= $str;
    } 
    /* VALIDATE FIELD AGAINST TYPE */
    function checkit($value, $type) // private
    {
        $length = "";
        if (eregi("^MIN[0-9]+$", $type)) {
            $tmp = explode(":", $type);
            $length = $tmp[1];
            $type = "MINLENGTH";
        } 
        if (eregi("^MAX[0-9]+$", $type)) {
            $tmp = explode(":", $type);
            $length = $tmp[1];
            $type = "MAXLENGTH";
        } 

        switch ($type) {
            case "NOT_EMPTY":
                $this->error_tmp = "string cannot be empty";
                return $this->not_empty($value);
                break;

            case "MINLENGTH":
                if (strlen($value) < $length) {
                    $this->error_tmp = "string to short";
                    return false;
                } else {
                    return true;
                } 
                break;

            case "MAXLENGTH":
                if (strlen($value) > $length) {
                    $this->error_tmp = "string to long";
                    return false;
                } else {
                    return true;
                } 
                break;

            case "ALPHA":
                $exp = "^[a-z]+$";
                if ($this->not_empty($value) && eregi($exp, $value)) {
                    return true;
                } else {
                    $this->error_tmp = "string not alpha";
                    return false;
                } 
                break;

            case "ALPHASPACE":
                $exp = "^[a-z ]+$";
                if ($this->not_empty($value) && eregi($exp, $value)) {
                    return true;
                } else {
                    $this->error_tmp = "string not alphaspace";
                    return false;
                } 
                break;

            case "ALPHANUM":
                $exp = "^[a-z0-9]+$";
                if ($this->not_empty($value) && eregi($exp, $value)) {
                    return true;
                } else {
                    $this->error_tmp = "string not alphanum";
                    return false;
                } 
                break;

            case "ALPHANUMSPACE":
                $exp = "^[a-z0-9 ]+$";
                if ($this->not_empty($value) && eregi($exp, $value)) {
                    return true;
                } else {
                    $this->error_tmp = "string not alphanumspace";
                    return false;
                } 
                break;

            case "NUMERIC":
                $exp = "^[0-9]+$";
                if ($this->not_empty($value) && eregi($exp, $value)) {
                    return true;
                } else {
                    $this->error_tmp = "string not numeric";
                    return false;
                } 
                break;

            case "NUMERICPLUS":
                $exp = "^[0-9+-.]+$";
                if ($this->not_empty($value) && eregi($exp, $value)) {
                    return true;
                } else {
                    $this->error_tmp = "string not numericplus";
                    return false;
                } 
                break;

            case "EMAIL":
                $exp = "^[A-Z0-9._%-]+@[A-Z0-9.-]+\.[A-Z]{2,4}$";
                if ($this->not_empty($value) && eregi($exp, $value)) {
                    return true;
                } else {
                    $this->error_tmp = "not a valid email";
                    return false;
                } 
                break;

            case "YYYYMMDD":
                $exp = "^(19|20)[0-9][0-9][- /.](0[1-9]|1[012])[- /.](0[1-9]|[12][0-9]|3[01])$";
                if ($this->not_empty($value) && eregi($exp, $value)) {
                    return true;
                } else {
                    $this->error_tmp = "string not YYYYMMDD";
                    return false;
                } 
                break;

            case "DDMMYYYY":
                $exp = "^(0[1-9]|[12][0-9]|3[01])[- /.](0[1-9]|1[012])[- /.](19|20)[0-9][0-9]$";
                if ($this->not_empty($value) && eregi($exp, $value)) {
                    return true;
                } else {
                    $this->error_tmp = "string not DDMMYYYY";
                    return false;
                } 
                break;

            case "MMDDYYYY":
                $exp = "^(0[1-9]|1[012])[- /.](0[1-9]|[12][0-9]|3[01])[- /.](19|20)[0-9][0-9]$";
                if ($this->not_empty($value) && eregi($exp, $value)) {
                    return true;
                } else {
                    $this->error_tmp = "string not MMDDYYYY";
                    return false;
                } 
                break;

            default:
                if ($this->not_empty($value) && $this->regex($type, $value)) {
                    return true;
                } else {
                    $this->error_tmp = "string not valid";
                    return false;
                } 
        } 
    } 
    /* NOT_EMPTY */
    function not_empty($value) // private
    {
        if (trim($value) == "") {
            return false;
        } else {
            return true;
        } 
    } 

    /* REGULAR EXPRESSION */
    function regex($regex, $value) // private
    {
        $the_regex = 'ereg("' . $regex . '", "' . $value . '")';
        $the_code = '<?php if(' . $the_regex . ') { return true; } else { return false; } ?>';
        if (!eval('?>' . $the_code . '<?php ')) {
            return false;
        } else {
            return true;
        } 
    } 
}

Are there too many to change?

I hope someone can help?

Thanks in advance, kind regards

Brian

`Are there too many to change?`...not sure what you mean. If you have time, you can change them. It's not clear what you want from us. — ADyson, Sep 28 '21 at 09:46
Btw deprecation doesn't stop something from working...it only provides a warning that it will stop working in some future version of PHP - this is done so that you have plenty of time to plan to replace it. Of course if you're now using the version where the deprecated code has finally been removed then it would stop working...but that's no longer a deprecation issue, it's a 'this feature doesn't exist' issue. Which issue are you actually experiencing? — ADyson, Sep 28 '21 at 09:51
For what's it's worth, `eregi()` was a PHP/4 remain that was deprecated in 2009 (PHP/5.3) and removed altogether in 2015 (PHP/7). If I recall correctly, there was a guide in the "Migrate to PHP/5" manual chapter, but it's been taken offline. — Álvaro González, Sep 28 '21 at 18:03
@Brian if the answer fixed your code, please se it as solution! Thanks — Andrea, Sep 29 '21 at 10:08

Andrea · Accepted Answer · 2021-09-28T11:37:04.330

Regex has the "case-insensitive" way to match a string. If you put the letter "i" at the end of the regular expression, the function preg_match() will match the string even if you are searching a lowercase sentence in an uppercase string.

In the case ALPHA, you can use this regular expression:

$exp = "/^[a-z]+$/i";

instead of

$exp = "^[a-z]+$";

Using this, you can change the PHP functions from eregi($exp, $value) to preg_match($exp, $value), which will return TRUE if there are matches.

You can read the related documentation of preg_match() function here: https://www.php.net/manual/en/function.preg-match.php

Andrea

PHP Form Validation - Deprecated Function eregi()

1 Answers1