CodeIgniter is giving me a Disallowed Key Characters
error. I've narrowed it down to the name attribute of a form field: name='prod[50-4121.5]'
but I'm not sure what to do about it.
The problem is you are using characters not included in the standard Regex. Use this:
!preg_match("/^[a-z0-9\x{4e00}-\x{9fa5}\:\;\.\,\?\!\@\#\$%\^\*\"\~\'+=\\\ &_\/\.\[\]-\}\{]+$/iu", $str)
As per the comments (and personal experience) you should not modify they Input.php
file — rather, you should create/use your own MY_Input.php
as follows:
<?php class MY_Input extends CI_Input { /** * Clean Keys * * This is a helper function. To prevent malicious users * from trying to exploit keys we make sure that keys are * only named with alpha-numeric text and a few other items. * * Extended to allow: * - '.' (dot), * - '[' (open bracket), * - ']' (close bracket) * * @access private * @param string * @return string */ function _clean_input_keys($str) { // UPDATE: Now includes comprehensive Regex that can process escaped JSON if (!preg_match("/^[a-z0-9\:\;\.\,\?\!\@\#\$%\^\*\"\~\'+=\\\ &_\/\.\[\]-\}\{]+$/iu", $str)) { /** * Check for Development enviroment - Non-descriptive * error so show me the string that caused the problem */ if (getenv('ENVIRONMENT') && getenv('ENVIRONMENT') == 'DEVELOPMENT') { var_dump($str); } exit('Disallowed Key Characters.'); } // Clean UTF-8 if supported if (UTF8_ENABLED === TRUE) { $str = $this->uni->clean_string($str); } return $str; } } // /?/> /* Should never close php file - if you have a space after code, it can mess your life up */
// NOTE: \x{4e00}-\x{9fa5} = allow chinese characters // NOTE: 'i' — case insensitive // NOTE: 'u' — UTF-8 mode if (!preg_match("/^[a-z0-9\x{4e00}-\x{9fa5}\:\;\.\,\?\!\@\#\$%\^\*\"\~\'+=\\\ &_\/\.\[\]-\}\{]+$/iu", $str) { ... } // NOTE: When Chinese characters are provided in a URL, they are not 'really' there; the browser/OS // handles the copy/paste -> unicode conversion, eg: // 一二三 --> xn--4gqsa60b // 'punycode' converts these codes according to RFC 3492 and RFC 5891. // https://github.com/bestiejs/punycode.js --- $ bower install punycode
If you love us? You can donate to us via Paypal or buy me a coffee so we can maintain and grow! Thank you!
Donate Us With