-2

I have the code below in the submitted form section of a php file. It is meant to catch any emails that contain a url and reject them. 

 if (preg_match("/(\b(((https?|ftp|file|):\/\/)|www[.])[-A-Z0-9+&@#\/%?=~_|!:,.;]*[-A-Z0-9+&@#\/%=~_|])/i", $msg)) { return false; } return true;

But I received an email with dozens of lines like this:

[url=http://example.рф]шкафы купе[/url]

I tried sending a message with one of the lines in the original email and the code blocked it. Why didn't it stop this spammer?

Improve this question
6
  • 2
    Because рф aren't included in the character class [-A-Z0-9+&@#\/%=~_|] Commented Dec 26, 2018 at 14:43
  • 1
    Use PHP filers. Why would you even bother writing your own custom validator? PHP Validate filters Commented Dec 26, 2018 at 14:44
  • Have you tested your regex? It does not seem to match any urls... Commented Dec 26, 2018 at 14:45
  • Possible duplicate of How to check if a string contains a email? Commented Dec 26, 2018 at 14:47
  • Possible duplicate of How to validate an Email in PHP? Commented Dec 31, 2018 at 18:11

1 Answer 1

Reset to default
0

Based on the replies, which I deeply appreciate, I changed the code to the following. All I really want is to block url's. It doesn't matter what the path and parameters are so I think this catches all possibilities. This is used instead of php filters because the filters page says it can't catch URN's. 

 if (preg_match("/(\b(((https?|ftp|file|[-A-Z0-9]|):\/\/)|www[.]))/i", $msg)) {
Improve this answer
Sign up to request clarification or add additional context in comments.

Comments

Start asking to get answers

Find the answer to your question by asking.

Ask question

Explore related questions

See similar questions with these tags.