Sanitize query using preg_replace but allow some special characters

Question

I am sanitizing a query using the following regex. However, I need some special characters to be allowed in the query.

In particular I need to allow: Ä, ä, Ö, ö, Ü, ü, ß

What do I need to change to achieve this?

$query = preg_replace('/[^-a-zA-Z0-9_\/]/', '', $_GET['destination']);

bcosca · Answer 1 · 2010-11-03T18:43:38.577

4

/[^\w-\p{L}\p{N}\p{Pd}]/

This will match anything that's NOT an alphanumeric character (including UTF-8 letters) as well as the dash (-).

edited Nov 03 '10 at 18:43

answered Nov 03 '10 at 18:23

bcosca

score 2 · Answer 2 · edited May 23 '17 at 10:33

2

Your question is really about how to support multibyte characters in preg expressions, see:

edited May 23 '17 at 10:33

Community

answered Nov 03 '10 at 20:02

Hamish

2 Answers2