Regexers… Is this reliable url validation?

Posted on Posted in Uncategorized No Comments

Is this reliable url validation?

PHP Code:

    public function valid_url($str)
    {
        if (empty($str))
        {
            return FALSE;
        }
        elseif (preg_match(‘/^(?:([^:]*)\:)?\/\/(.+)$/’, $str, $matches))
        {
            if (empty($matches[2]))
            {
                return FALSE;
            }
            elseif ( ! in_array(strtolower($matches[1]), array(‘http’, ‘https’), TRUE))
            {
                return FALSE;
            }
            $str = $matches[2];
        }
        // PHP 7 accepts IPv6 addresses within square brackets as hostnames,
        // but it appears that the PR that came in with https://bugs.php.net/bug.php?id=68039
        // was never merged into a PHP 5 branch … https://3v4l.org/8PsSN
        if (preg_match(‘/^\[([^\]]+)\]/’, $str, $matches) && ! is_php(‘7’) && filter_var($matches[1], FILTER_VALIDATE_IP, FILTER_FLAG_IPV6) !== FALSE)
        {
            $str = ‘ipv6.host’.substr($str, strlen($matches[1]) + 2);
        }
        return (filter_var(‘http://’.$str, FILTER_VALIDATE_URL) !== FALSE);
    } 

It returns true for almost […]

Original post by English Breakfast Tea

Leave a Reply