0

I am looking for a pattern to match if a special character was used within a GET variable, for example, in this case, if the character '<' was used by a user at somepoint in the variable 'x'. Currently, I've created the following regex pattern:

^example\.php\?(.*)x=(.*)<(.*)&

So, for example, the following strings would be matched:

example.php?x=abc"def&y=ghi
example.php?x=abcde"f&y=ghi

But with the pattern that I'm currently using, every other GET variable that might be using "<" is also being matched, for example:

example.php?x=abcdef&y=ghi"&z=klm

How should I overcome this so that it matches everything up to the first appeareance of the '&' character (so that it only analyses the 'x' variable)?

I don't know if the question is understandable, if not, I'll try to provide further details.

Lucas Libório
  • 11
  • 2
  • Why don't you [parse the url](https://stackoverflow.com/questions/11480763/how-can-i-get-parameters-from-a-url-string) and get the value for `x` ? – The fourth bird Sep 06 '22 at 15:38

1 Answers1

0

It took me sometime but I finally discovered what should I do. I couldn't parse the url and get the value for X because the regex is going to be on a SQL query (As far as I'm aware, that's no easy task).

The answer would be something in the light of:

example\.php\?(.*)x=[^&]*<

I hope that I can help someone

Lucas Libório
  • 11
  • 2