URL validation in PHP

05-15-2007, 07:08 AM

This is the function which will validate url:

PHP Code:


		
			
function isValidURL($url)

{

 return preg_match('|^http(s)?://[a-z0-9-]+(.[a-z0-9-]+)*(:[0-9]+)?(/.*)?$|i', $url);

}

Use of function :

PHP Code:


		
			
if(!isValidURL($fldbanner_url))

{

     $errMsg .= "* Please enter valid URL including http://<br>";

}

12-01-2007, 04:40 AM

how about this i made yesterday;

THE CODE - one liner

PHP Code:


		
			
$urlregex = "^(https?|ftp)\:\/\/([a-z0-9+!*(),;?&=\$_.-]+(\:[a-z0-9+!*(),;?&=\$_.-]+)?@)?[a-z0-9+\$_-]+(\.[a-z0-9+\$_-]+)*(\:[0-9]{2,5})?(\/([a-z0-9+\$_-]\.?)+)*\/?(\?[a-z+&\$_.-][a-z0-9;:@/&%=+\$_.-]*)?(#[a-z_.-][a-z0-9+\$_.-]*)?\$";

if (eregi($urlregex, $url)) {echo "good";} else {echo "bad";}

(OPTIONAL: READ BELOW FOR EXPLANATION)

it will validate all these types of urls

PHP Code:


		
			
// valid urls

$url = "https://user:pass@www.somewhere.com:8080/login.php?do=login&style=%23#pagetop";

$url = "http://user@www.somewhere.com/#pagetop";

$url = "https://somewhere.com/index.html";

$url = "ftp://user:****@somewhere.com:21/";

$url = "http://somewhere.com/index.html/";  //this is valid!!

THE CODE - broken into section for easy editing and understanding:

PHP Code:


		
			
// SCHEME

$urlregex = "^(https?|ftp)\:\/\/";



// USER AND PASS (optional)

$urlregex .= "([a-z0-9+!*(),;?&=\$_.-]+(\:[a-z0-9+!*(),;?&=\$_.-]+)?@)?";



// HOSTNAME OR IP

$urlregex .= "[a-z0-9+\$_-]+(\.[a-z0-9+\$_-]+)*";  // http://x = allowed (ex. http://localhost, http://routerlogin)

//$urlregex .= "[a-z0-9+\$_-]+(\.[a-z0-9+\$_-]+)+";  // http://x.x = minimum

//$urlregex .= "([a-z0-9+\$_-]+\.)*[a-z0-9+\$_-]{2,3}";  // http://x.xx(x) = minimum

//use only one of the above



// PORT (optional)

$urlregex .= "(\:[0-9]{2,5})?";

// PATH  (optional)

$urlregex .= "(\/([a-z0-9+\$_-]\.?)+)*\/?";

// GET Query (optional)

$urlregex .= "(\?[a-z+&\$_.-][a-z0-9;:@/&%=+\$_.-]*)?";

// ANCHOR (optional)

$urlregex .= "(#[a-z_.-][a-z0-9+\$_.-]*)?\$";



// check

if (eregi($urlregex, $url)) {echo "good";} else {echo "bad";}

all the lines in the code above can be safely removed (except for hostname) if you don't want to allow some URL segment (if you don't want getqueries in your urls, just comment the respective $urlregex .= ....) - but do not reorder them.
the "(optional)" states that the part MAY exist, but url will be valid even if it doesn't contain the part (see the valid urls above).

syntax:

Code:

<http[s]|ftp> :// [user[:pass]@] hostname [port] [/path] [?getquery] [anchor]

-taking into account allowed safe characters
-assuming .. (dot dot) is never allowed in hostname or path

FEEDBACK IS APPRECIATED

10-23-2008, 03:07 PM

Thanks, fqa, this function worked great for me.

11-21-2008, 10:26 AM

Hello fqa, while your code works for the URL patterns you have posted, however it does pass URLs like http://a or http://fkhdfkjhkjfd thus making the code almost useless.

jnoriega · 04-14-2009, 05:14 PM

1r0nH1de check this comment
// http://x = allowed (ex. http://localhost, http://routerlogin)

thanks a lot fqa!

05-15-2007, 07:08 AM	#1
sandykadam Posts: n/a	URL validation in PHP This is the function which will validate url: PHP Code: `function isValidURL($url) { return preg_match('\|^http(s)?://[a-z0-9-]+(.[a-z0-9-]+)(:[0-9]+)?(/.)?$\|i', $url); }` Use of function : PHP Code: `if(!isValidURL($fldbanner_url)) { $errMsg .= "* Please enter valid URL including http://<br>"; }`

12-01-2007, 04:40 AM	#2
fqa Posts: n/a	Simple Effective PHP REGEX URL Validate how about this i made yesterday; THE CODE - one liner PHP Code: `$urlregex = "^(https?\|ftp)\:\/\/([a-z0-9+!(),;?&=\$_.-]+(\:[a-z0-9+!(),;?&=\$_.-]+)?@)?[a-z0-9+\$_-]+(\.[a-z0-9+\$_-]+)(\:[0-9]{2,5})?(\/([a-z0-9+\$_-]\.?)+)\/?(\?[a-z+&\$_.-][a-z0-9;:@/&%=+\$_.-])?(#[a-z_.-][a-z0-9+\$_.-])?\$"; if (eregi($urlregex, $url)) {echo "good";} else {echo "bad";}` (OPTIONAL: READ BELOW FOR EXPLANATION) it will validate all these types of urls PHP Code: `// valid urls $url = "https://user:pass@www.somewhere.com:8080/login.php?do=login&style=%23#pagetop"; $url = "http://user@www.somewhere.com/#pagetop"; $url = "https://somewhere.com/index.html"; $url = "ftp://user:***@somewhere.com:21/"; $url = "http://somewhere.com/index.html/"; //this is valid!!` THE CODE - broken into section for easy editing and understanding: PHP Code: // SCHEME $urlregex = "^(https?\|ftp)\:\/\/"; // USER AND PASS (optional) $urlregex .= "([a-z0-9+!(),;?&=\$_.-]+(\:[a-z0-9+!(),;?&=\$_.-]+)?@)?"; // HOSTNAME OR IP $urlregex .= "[a-z0-9+\$_-]+(\.[a-z0-9+\$_-]+)"; // http://x = allowed (ex. http://localhost, http://routerlogin) //$urlregex .= "[a-z0-9+\$_-]+(\.[a-z0-9+\$_-]+)+"; // http://x.x = minimum //$urlregex .= "([a-z0-9+\$_-]+\.)[a-z0-9+\$_-]{2,3}"; // http://x.xx(x) = minimum //use only one of the above // PORT (optional) $urlregex .= "(\:[0-9]{2,5})?"; // PATH (optional) $urlregex .= "(\/([a-z0-9+\$_-]\.?)+)\/?"; // GET Query (optional) $urlregex .= "(\?[a-z+&\$_.-][a-z0-9;:@/&%=+\$_.-])?"; // ANCHOR (optional) $urlregex .= "(#[a-z_.-][a-z0-9+\$_.-])?\$"; // check if (eregi($urlregex, $url)) {echo "good";} else {echo "bad";} all the lines in the code above can be safely removed (except for hostname) if you don't want to allow some URL segment (if you don't want getqueries in your urls, just comment the respective $urlregex .= ....) - but do not reorder them. the "(optional)" states that the part MAY exist, but url will be valid even if it doesn't contain the part (see the valid urls above). syntax: Code: <http[s]\|ftp> :// [user[:pass]@] hostname [port] [/path] [?getquery] [anchor] -taking into account allowed safe characters -assuming .. (dot dot) is never allowed in hostname or path FEEDBACK IS APPRECIATED

Thread Tools	Search this Thread
Show Printable Version Email this Page	Search this Thread: Advanced Search

10-23-2008, 03:07 PM	#3
aim Posts: n/a	Thanks, fqa, this function worked great for me.

11-21-2008, 10:26 AM	#4
1r0nH1de Posts: n/a	Hello fqa, while your code works for the URL patterns you have posted, however it does pass URLs like http://a or http://fkhdfkjhkjfd thus making the code almost useless.

04-14-2009, 05:14 PM	#5
jnoriega Junior Member Join Date: Apr 2009 Posts: 1	1r0nH1de check this comment // http://x = allowed (ex. http://localhost, http://routerlogin) thanks a lot fqa!