skip to Main Content

I have an enquiry form on an old HTML website, this was working fine with an old version of PHP. The problem now is the Function eregi() which forms part of the code is deprecated in all new versions of PHP.

I won’t pretend I understand how this works! 🙂

Here’s the existing code below – this contains the eregi() bit:

// check for any human hacking attempts
class clean {
    function comments($message) {
        $this->naughty = false;
        $this->message = $message;
        $bad = array("content-type","bcc:","to:","cc:","href");
        $for = array( "r", "n", "%0a", "%0d");
        foreach($bad as $b) {
            if(eregi($b, $this->message)) {
                $this->naughty = true;
            }   
        }   
        $this->message = str_replace($bad,"#removed#", $this->message);
        $this->message = stripslashes(str_replace($for, ' ', $this->message));
        
        // check for HTML/Scripts
        $length_was = strlen($this->message);
        $this->message = strip_tags($this->message);
        if(strlen($this->message) < $length_was) {
            $this->naughty = true;
        }
   }
} // class

After Googling I’m guessing I need to replace the eregi() bit with preg_match?

I have no idea where to put this in the above code for it to work?

Does anybody have any ideas?

Thanks in advance, kind regards

Brian

3

Answers


  1. The eregi function in your example is only used for a simple string comparison. You can simply replace it with a stripos:

    if (stripos($this->message, $b) !== false) {
        $this->naughty = true;
    }
    
    Login or Signup to reply.
  2. Use it like this

    class clean {
        function comments($message) {
            $this->naughty = false;
            $this->message = $message;
            $bad = array("content-type","bcc:","to:","cc:","href");
            $for = array( "r", "n", "%0a", "%0d");
            foreach($bad as $b) {
                if (preg_match("/$b/i", $this->message)) {
                    $this->naughty = true;
                } else {
                    //comment does not contain that string.
                }
                //if(eregi($b, $this->message)) {
                    //$this->naughty = true;
                //}
            }   
            $this->message = str_replace($bad,"#removed#", $this->message);
            $this->message = stripslashes(str_replace($for, ' ', $this->message));
            
            // check for HTML/Scripts
            $length_was = strlen($this->message);
            $this->message = strip_tags($this->message);
            if(strlen($this->message) < $length_was) {
                $this->naughty = true;
            }
       }
    }
    
    Login or Signup to reply.
  3. I only found the Romanian page of the documentation for eregi, which seems to say that it’s been deprecated since PHP 5.3 and removed in 7.0.

    As its purpose is to perform a case insensitive regular expression check you can replace it with preg_match() with the i flag (which stands for "case insensitive"):

    if (preg_match(sprintf('~%s~i', $b), $this->message) === 1) {
        // ...
    }
    

    But as @tino.codes answered, using a function like stripos() will be sufficient.

    Login or Signup to reply.
Please signup or login to give your own answer.
Back To Top
Search