Logo Questions Linux Laravel Mysql Ubuntu Git Menu
HTML CSS JAVASCRIPT SQL PYTHON PHP BOOTSTRAP JAVA JQUERY R React Kotlin
 

Escape elasticsearch special characters in PHP

Tags:

regex

php

elasticsearch

I want to create a function that escapes elasticsearch special characters by adding a \ before the characters in PHP. The special chars that Elasticsearch use are: + - = && || > < ! ( ) { } [ ] ^ " ~ * ? : \ /

I'm not very familliar with regex, but I have found a piece of code that simply removes the special chars, but i prefer to escape them, because the might be relevant. The code i use:

$s_input = 'The next chars should be escaped: + - = && || > < ! ( ) { } [ ] ^ " ~ * ? : \ / Did it work?';
$search_query = preg_replace('/(\+|\-|\=|\&|\||\!|\(|\)|\{|\}|\[|\]|\^|\"|\~|\*|\<|\>|\?|\:|\\\\)/', '', $s_input);

This outputs: 

The next chars should be escaped / Did it work

So there are two problems: this code removes the special chars, while i want to escape them with a \. Furthermore: this code doesn't escape the \. Does anyone know how to escape the Elasticsearch special characters?

like image 745
wjhulzebosch Avatar asked Nov 21 '15 15:11

wjhulzebosch

Video Answer

1 Answers

You can use preg_match with backreferences as stribizhev has noticed it (simpliest way) :

$string = "The next chars should be escaped: + - = && || > < ! ( ) { } [ ] ^ \" ~ * ? : \ / Did it work?"; 

function escapeElasticReservedChars($string) {
    $regex = "/[\\+\\-\\=\\&\\|\\!\\(\\)\\{\\}\\[\\]\\^\\\"\\~\\*\\<\\>\\?\\:\\\\\\/]/";
    return preg_replace($regex, addslashes('\\$0'), $string);
}
echo escapeElasticReservedChars($string);

or use preg_match_callback function to achieve that. Thank to the callback, you will be able to have the current match and edit it.

A callback that will be called and passed an array of matched elements in the subject string. The callback should return the replacement string. This is the callback signature:

Here is in action : 

<?php 
$string = "The next chars should be escaped: + - = && || > < ! ( ) { } [ ] ^ \" ~ * ? : \ / Did it work?"; 

function escapeElasticSearchReservedChars($string) {
    $regex = "/[\\+\\-\\=\\&\\|\\!\\(\\)\\{\\}\\[\\]\\^\\\"\\~\\*\\<\\>\\?\\:\\\\\\/]/";
    $string = preg_replace_callback ($regex, 
        function ($matches) { 
            return "\\" . $matches[0]; 
        }, $string); 
    return $string;
}
echo escapeElasticSearchReservedChars($string);

Output: The next chars should be escaped\: \+ \- \= \&\& \|\| \> \< \! \( \) \{ \} \[ \] \^ \" \~ \* \? \: \\ \/ Did it work\?

like image 135
Louis Barranqueiro Avatar answered Sep 21 '22 00:09

Louis Barranqueiro
Sign in to Comment

Related questions

How to send a post request to the RESTserver api in php-Codeigniter?
Sort and filter data in GridView Yii2 where column is not in database
"sudo composer" command works but "composer" is not?
PHP password_verify() and slow equals comparison
Laravel 5 HTTP Response, M4V Files, and iOS MPMoviePlayerViewController
PHP json_decode integers and floats to string
SOLID - does Single responsibility principle apply to methods in a class?
'safe' json_decode( ,,, ) to prevent exhausting memory
Wordpress get_terms returns empty array for custom taxonomy
add CDATA to xml node
PHP: How to sanitize a natural number (positive INT)?
Removing all characters before last alpha character
Finding PHP latest release version
Is "mysqli_real_escape_string" enough to avoid SQL injection or other SQL attacks?
Set up registration FOSUserBundle with FOSRestBundle REST API
What does this line of PHP code do?
Amazon SES display sender name using PHP?
Adding date of birth to database
PHP: Check if variable is type of string AND is not empty string?
What are all those SQL operators in Laravel?

Donate For Us

If you love us? You can donate to us via Paypal or buy me a coffee so we can maintain and grow! Thank you!