1

I have an enquiry form on an old HTML website, this was working fine with an old version of PHP. The problem now is the Function eregi() which forms part of the code is deprecated in all new versions of PHP.

I won't pretend I understand how this works! :)

Here's the existing code below - this contains the eregi() bit:

// check for any human hacking attempts
class clean {
    function comments($message) {
        $this->naughty = false;
        $this->message = $message;
        $bad = array("content-type","bcc:","to:","cc:","href");
        $for = array( "\r", "\n", "%0a", "%0d");
        foreach($bad as $b) {
            if(eregi($b, $this->message)) {
                $this->naughty = true;
            }   
        }   
        $this->message = str_replace($bad,"#removed#", $this->message);
        $this->message = stripslashes(str_replace($for, ' ', $this->message));
        
        // check for HTML/Scripts
        $length_was = strlen($this->message);
        $this->message = strip_tags($this->message);
        if(strlen($this->message) < $length_was) {
            $this->naughty = true;
        }
   }
} // class

After Googling I'm guessing I need to replace the eregi() bit with preg_match?

I have no idea where to put this in the above code for it to work?

Does anybody have any ideas?

Thanks in advance, kind regards

Brian

Brian
  • 67
  • 3
  • Does this answer your question? [Deprecated: Function eregi() is deprecated in](https://stackoverflow.com/questions/18509858/deprecated-function-eregi-is-deprecated-in) – Nico Haase Sep 28 '21 at 08:01

3 Answers3

1

The eregi function in your example is only used for a simple string comparison. You can simply replace it with a stripos:

if (stripos($this->message, $b) !== false) {
    $this->naughty = true;
}
tino.codes
  • 1,512
  • 1
  • 12
  • 23
  • I'll always recommend stripos() for case sensitivity – Vivek Choudhary Sep 28 '21 at 07:59
  • This is brilliant - thank you! :) Unfortunately, I've just found another bit of code that's used to validate the form, which is absolutely riddled with them :( - blasted eregi! :) Am I best to raise a separate question for the other block of code? – Brian Sep 28 '21 at 08:09
0

Use it like this

class clean {
    function comments($message) {
        $this->naughty = false;
        $this->message = $message;
        $bad = array("content-type","bcc:","to:","cc:","href");
        $for = array( "\r", "\n", "%0a", "%0d");
        foreach($bad as $b) {
            if (preg_match("/$b/i", $this->message)) {
                $this->naughty = true;
            } else {
                //comment does not contain that string.
            }
            //if(eregi($b, $this->message)) {
                //$this->naughty = true;
            //}
        }   
        $this->message = str_replace($bad,"#removed#", $this->message);
        $this->message = stripslashes(str_replace($for, ' ', $this->message));
        
        // check for HTML/Scripts
        $length_was = strlen($this->message);
        $this->message = strip_tags($this->message);
        if(strlen($this->message) < $length_was) {
            $this->naughty = true;
        }
   }
}
Vivek Choudhary
  • 634
  • 8
  • 14
0

I only found the Romanian page of the documentation for eregi, which seems to say that it's been deprecated since PHP 5.3 and removed in 7.0.

As its purpose is to perform a case insensitive regular expression check you can replace it with preg_match() with the i flag (which stands for "case insensitive"):

if (preg_match(sprintf('~%s~i', $b), $this->message) === 1) {
    // ...
}

But as @tino.codes answered, using a function like stripos() will be sufficient.

AymDev
  • 6,626
  • 4
  • 29
  • 52