Web Address validation

[son]

I have a form field where user enter a web address. I do some preg_replace before this gets inserted into db as:

$webAddress = $_POST['webAddress'];$webAddress = preg_replace('/\s[\s]+/','-',$webAddress);    // Strip off multiple spaces$webAddress = preg_replace('/[\s]+/','-',$webAddress);    // Strip off spaces $webAddress = preg_replace('/^[\-_]+/','',$webAddress); // Strip off the starting hyphens/underscores$webAddress = preg_replace('/[\-_]+$/','',$webAddress); // // Strip off the ending hyphens/underscores

Now I wonder if that is actually sufficient? And I worry about people entering/not entering the 'http://' and 'www' bit. I refrained from checking and automatically inserting as some web addresses do not have 'www' and other users might want to include a link to an ftp server. What is a good practice? Thanks,Son

[Err]

You may want to look into filter_var()

[birbal]

..also instead of the above regex you can substitute it using trim(). it accepts a character list which will be striped as second param. regex is costly for memory so it is best to use regular string functions where possible. for valid url a regex would be something like. i did not added all extension,protocols,domains. you may need to tweak it where nesscery.

^(http||ftp)s?://([\w]+)?.[\w]+.(com|in|net|org)/?([\w/]+)?([\w]+.jpg|php|html)?$

Edited April 18, 2012 by birbal

[son]

Thanks. Will look into this... Son