8

I want to be able to validate a user's inputted regex, to check if it's valid or not. First thing I found with PHP's filter_var with the FILTER_VALIDATE_REGEXP constant but that doesn't do what I want since it must pass a regex to the options but I'm not regex'ing against anything so basically it's just checking the regex validity.

But you get the idea, how do I validate a user's inputted regex (that matches against nothing).

Example of validating, in simple words:

$user_inputted_regex = $_POST['regex']; // e.g. /([a-z]+)\..*([0-9]{2})/i

if(is_valid_regex($user_inputted_regex))
{
    // The regex was valid
}
else
{
    // The regex was invalid
}

Examples of validation:

/[[0-9]/i              // invalid
//(.*)/                // invalid
/(.*)-(.*)-(.*)/       // valid
/([a-z]+)-([0-9_]+)/i  // valid
MacMac
  • 34,294
  • 55
  • 151
  • 222
  • Can you be more explicity about what you mean by `that matches against nothing` ? It is an empty string ? – Benjamin Crouzier Apr 06 '12 at 19:23
  • I mean nothing as no variable, I'm not passing anything to validate against the user's regex. – MacMac Apr 06 '12 at 19:24
  • Sorry to come up with this issue again, but if you're `not passing anything to validate against the user's regex`, how can you validate the regexp ? You said in the question that you don't want to check the validity, so what the heck do you want to check the regexp against ? – Benjamin Crouzier Apr 06 '12 at 19:34
  • @pinouchon: The OP wants to validate if a given string is a valid PCRE pattern (i.e.: validate delimiters, escape sequences, matching groups and so on). – Alix Axel Apr 06 '12 at 19:36
  • possible duplicate: http://stackoverflow.com/questions/4747347/php-how-to-validate-a-regular-expression-itself – Benjamin Crouzier Apr 06 '12 at 19:40
  • related: http://stackoverflow.com/questions/172303/is-there-a-regular-expression-to-detect-a-valid-regular-expression – Benjamin Crouzier Apr 06 '12 at 19:41
  • Never mind, found the solution. - http://stackoverflow.com/questions/172303/is-there-a-regular-expression-to-detect-a-valid-regular-expression – MacMac Apr 06 '12 at 19:43
  • Keep in mind that some regular expressions can be valid, but dangerous. For example: `/(.*)/e`. –  Apr 06 '12 at 19:43

2 Answers2

7

Here's an idea (demo):

function is_valid_regex($pattern)
{
    return is_int(@preg_match($pattern, ''));
}

preg_match() returns the number of times pattern matches. That will be either 0 times (no match) or 1 time because preg_match() will stop searching after the first match.

preg_match() returns FALSE if an error occurred.

And to get the reason why the pattern isn't valid, use preg_last_error.

Alix Axel
  • 151,645
  • 95
  • 393
  • 500
2

You would need to write your own function to validate a regex. You can validate it so far as to say whether it contains illegal characters or bad form, but there is no way to test that it is a working expression. For that you would need to create a solution.

But then you do realize there really is no such thing as an invalid regex. A regex is performance based. It either matches or it doesn't and that is dependent upon the subject of the test--even if the expression or its results are seemingly meaningless.

In other words, you can only test a regular expression for valid syntax...and that can be nearly anything!

Nilpo
  • 4,675
  • 1
  • 25
  • 39