Check a string for <img> tag and if it has a valid file extension

Question

Aksel 0 Newbie Poster

13 Years Ago

I've got a variable which contains a string which can contain html.

I'm trying to find a way to check the string if it contains a <img>-tag, and if so..validate that it has a valid file.exstension. (jpg | png | gif).

If an img tag is located and HAS a valid extension, then display it as usual, if it doesn't have a valid extension (for example just linking to another html page or whatever) do not parse it...

We have a few functions on our site which are linked towards pageviews of certain pages..and this can currently be exploited by just linking an img tag to this certain page.

php

3 Contributors
13 Replies
4K Views
2 Days Discussion Span
Latest Post 13 Years Ago Latest Post by diafol

diafol

13 Years Ago

use preg_match()

The pattern I came up with is this:

/(<img (\s*\S*\s)*src\s*=\s*("|')\S*\.(jpg|jpeg|JPEG|JPG|png|PNG|gif|GIF)("|')(\s*\S*\s*)*/*>)/

It should match an image tag that has src with one of the above extensions. It also takes into account that the surrounding quotes could be " or '
In addition other attributes could be included before and after the src attribute
The end of the tag can be /> or just >

I'm sure somebody out there can make a nicer one though. Or even use some other nifty function.

This could be simplified if there is a standard format to the html tag.

Edited 13 Years Ago by diafol because: n/a

diafol

13 Years Ago

if(preg_match('/<img/', $text)

diafol

13 Years Ago

what do you mean triggered?

the code takes into account that alt or title attributes could be included before or after the src attribute. *I think*

I'll have a look.

Edited 13 Years Ago by diafol because: n/a

diafol

13 Years Ago

Strange, works fine for me:

$text = '<div class="heilbak">
<img src="http://i56.tinypic.com/30sh6rq.jpg" alt="Bakgrundsbildet" />
</div>
<div class="bunnlogo">
<a href="index.php?option=com_community&amp;view=groups&amp;task=viewgroup&amp;groupid=17&amp;Itemid=8">
<img src="http://i43.tinypic.com/2cgdfsw.jpg" alt="topplogo" />
</a>
</div>';

if(!preg_match("/(<img(\s*\S*\s*=\s*\S*\s*)*\s*src\s*=\s*(\"|')\S*\.(jpg|jpeg|png|gif)(\"|')(\s*\S*\s*=\s*\S*\s*)*\/*)/i", $text)){
    echo 'Img tag has an invalid extension!';
}else{
    echo "ok";	
}

Wait on. Didn't expect more than one img tag in the html.

For this, pehaps best to split "<img and first following ">" into an array and then apply the preg. In which case, you just search for the

Edited 13 Years Ago by diafol because: n/a

Reply to this topic

Be a part of the DaniWeb community

We're a friendly, industry-focused community of developers, IT pros, digital marketers, and technology enthusiasts meeting, networking, learning, and sharing knowledge.

Aksel 0 Newbie Poster · Answer 1 · 2011-09-07T14:31:05+00:00

use preg_match()
The pattern I came up with is this:
/(<img (\s*\S*\s)*src\s*=\s*("|')\S*\.(jpg|jpeg|JPEG|JPG|png|PNG|gif|GIF)("|')(\s*\S*\s*)*/*>)/
It should match an image tag that has src with one of the above extensions. It also takes into account that the surrounding quotes could be " or '
In addition other attributes could be included before and after the src attribute
The end of the tag can be /> or just >
I'm sure somebody out there can make a nicer one though. Or even use some other nifty function.
This could be simplified if there is a standard format to the html tag.

Hi :)

Thanks for the quick reply!

When I use the following function:

function cleanImgTags($text){
	if(preg_match('<img', $text)){ // let's first check if there's really any imagetags inside the string
		
		if(!preg_match('/(<img (\s*\S*\s)*src\s*=\s*(\"|\')\S*\.(jpg|jpeg|JPEG|JPG|png|PNG|gif|GIF)(\"|\')(\s*\S*\s*)*/*>)/', $text))
		{
			$tekst= 'Img tag has an invalid extension!';
			
		}
		
	}
	return $tekst;
}

I keep getting the following error:

Warning: preg_match() [function.preg-match]: No ending matching delimiter '>' found

Any clue what's wrong? :)

Aksel 0 Newbie Poster · Answer 2 · 2011-09-07T23:24:12+00:00

if(preg_match('/<img/', $text)

Easy as that..problem solved.

Thanks a million ! :)

Aksel 0 Newbie Poster · Answer 3 · 2011-09-07T23:29:47+00:00

Easy as that..problem solved.
Thanks a million ! :)

Hmm...this seems to be triggered also if a user has an 'alt' text or 'title' to the img tag :/

Aksel 0 Newbie Poster · Answer 4 · 2011-09-08T02:50:42+00:00

Perhaps it's just me not sure about the expression hehe..I'm really new to using regexp..but when I use the following code:

if(!preg_match('/(<img (\s*\S*\s)*src\s*=\s*(\"|\')\S*\.(jpg|jpeg|JPEG|JPG|png|PNG|gif|GIF)(\"|\')(\s*\S*\s*)*/*>)/', $string))
		{
			$string= 'Img tag has an invalid extension!';
 
		}

Isn't that suppose to display the 'Img tag has an invalid extension!' only when the img ..well got some bad extension not mentioned? :)

I tried applying it and the text echoed when an img with alt text was inserted :)

diafol · Answer 5 · 2011-09-08T02:58:23+00:00

if(!preg_match("/(<img(\s*\S*\s*=\s*\S*\s*)*\s*src\s*=\s*(\"|')\S*\.(jpg|jpeg|png|gif)(\"|')(\s*\S*\s*=\s*\S*\s*)*\/*)/i", $text))

OK tried loads of different stuff, but can't help thinking that this is a really inelegant regex. Yuk! But it works for me

Aksel 0 Newbie Poster · Answer 6 · 2011-09-08T20:15:47+00:00

if(!preg_match("/(<img(\s*\S*\s*=\s*\S*\s*)*\s*src\s*=\s*(\"|')\S*\.(jpg|jpeg|png|gif)(\"|')(\s*\S*\s*=\s*\S*\s*)*\/*)/i", $text))
OK tried loads of different stuff, but can't help thinking that this is a really inelegant regex. Yuk! But it works for me

Damn....weird..still gets caught up in the check here it seems with an alt text applied to the img tag :(

One of my users has the following code and it gets caught in the filter apparantly:

<div class="heilbak">
<img src="http://i56.tinypic.com/30sh6rq.jpg" alt="Bakgrundsbildet" />
</div>
<div class="bunnlogo">
<a href="index.php?option=com_community&amp;view=groups&amp;task=viewgroup&amp;groupid=17&amp;Itemid=8">
<img src="http://i43.tinypic.com/2cgdfsw.jpg" alt="topplogo" />
</a>
</div>

Aksel 0 Newbie Poster · Answer 7 · 2011-09-08T21:07:36+00:00

Strange, works fine for me:
$text = '<div class="heilbak">
<img src="http://i56.tinypic.com/30sh6rq.jpg" alt="Bakgrundsbildet" />
</div>
<div class="bunnlogo">
<a href="index.php?option=com_community&amp;view=groups&amp;task=viewgroup&amp;groupid=17&amp;Itemid=8">
<img src="http://i43.tinypic.com/2cgdfsw.jpg" alt="topplogo" />
</a>
</div>';

if(!preg_match("/(<img(\s*\S*\s*=\s*\S*\s*)*\s*src\s*=\s*(\"|')\S*\.(jpg|jpeg|png|gif)(\"|')(\s*\S*\s*=\s*\S*\s*)*\/*)/i", $text)){
    echo 'Img tag has an invalid extension!';
}else{
    echo "ok";	
}
Wait on. Didn't expect more than one img tag in the html.
For this, pehaps best to split "<img and first following ">" into an array and then apply the preg. In which case, you just search for the
/src\s*=\s*(\"|')\S*\.(jpg|jpeg|png|gif)(\"|')/i inside each array item.

Don't mind me..I just noticed a silly typo on my behalf...*hides beneath a rock*.. Your code works just fine. Thank you very much, you've been VERY helpful! :)

pritaeas 2,194 ¯\_(ツ)_/¯ Moderator Featured Poster · Answer 8 · 2011-09-08T21:08:19+00:00

Never mind te following, as you fixed your problem. Posted just too late... I do think your \s*\S* could be replace by .*? One issue you may have is that you want to check more img tags in the same string. Perhaps you should look into preg_match_all.

<img.*?/>

The above would match all img tags, and preg_match_all will put them in an array. I'd loop that array with a separate regex.

diafol · Answer 9 · 2011-09-08T21:19:34+00:00

A Pritaeas - to the rescue! I got so far up my own derriere with that regex, I thought I was going blind!