How to search/find special characters like &, < or > in the string with regex using Python
Question
Hi I am writing a function in python to search in a text string, with regex, for special charecters.
Once found a match, the program should give error message and exit.
This is what I did so far and able to search for;,$,%,' but could not search and find characters like &, <, > in windows.
The current code given below works in windows but not in Linux. But I Want to use this code in windows as well in Linux.
Here is my code:
#tests for finding special characters
import sys, re
cmd = input('Enter your command : ')
def chk_cmds(cmd):
print('chk_cmds: lets look term at %s' % (cmd))
msg = bool(re.search(r'\;|\$|\%|`', cmd))
if msg is True:
print(msg)
print('Found a suspicious entry in the command : ' + cmd)
print('Exiting the program')
return -1
sys.exit
else:
print('Command seems clean ' +cmd)
return 0
# return -1
chk_cmds(cmd)
Q. How can I also also search for special characters like &, <, > in the strings both in windows and Linux.
I 've tried using backslash escape character for each of those charecters
like bool(re.search(r'\;|\$|\%|`|\&|\<|\>', cmd)) but the re.search is not finding them in Windows. (and also current below code seems not working in Linux)
2 answers
solution1
1 2019-11-22 14:48:27
If you loop through each character of the input string and compare it's ASCII code to a list of ASCII codes which you want it to detect.
import sys, re
cmd = input('Enter your command : ')
def chk_cmds(cmd):
print('chk_cmds: lets look term at %s' % (cmd))
# ASCII codes for the special characters you specified:
bad_chars = [36, 37, 38, 59, 60, 62, 63, 96]
msg = False
for letter in cmd:
for i in bad_chars:
if(ord(letter) == i):
msg = True
if msg is True:
print(msg)
print('Found a suspicious entry in the command : ' + cmd)
print('Exiting the program')
return -1
sys.exit
else:
print('Command seems clean ' +cmd)
return 0
# return -1
chk_cmds(cmd)
This works for me on Linux using python3
solution2
1 ACCPTED 2019-11-22 15:08:11
I don't have a Windows machine so I can't test this there but it seems to work on Mac at least.
I used a character list in the regex instead of your method:
import sys
import re
def chk_cmds(cmd):
print('chk_cmds: lets look term at {}'.format(cmd))
regex = re.compile(r'[&`%;$<>]')
msg = bool(regex.search(cmd))
if msg is True:
print(msg)
print('Found a suspicious entry in the command : {}'.format(cmd))
print('Exiting the program')
return -1
else:
print('Command seems clean {}'.format(cmd))
return 0
mycmd = input('Enter your command : ')
if chk_cmds(mycmd) == -1:
sys.exit()
Your sys.exit() command also did nothing since it was after the return, so I've moved it to an if block based on the return code of the function.
Also moved to using .format for string formatting although if you are on Python 3.6 or above you should start to use f-strings
The technical post webpages of this site follow the CC BY-SA 4.0 protocol. If you need to reprint, please indicate the site URL or the original address.Any question please contact:yoyou2525@163.com.