stackoom
  简体   繁体   中英

Ruby: Escaping special characters in a string

 原文  2010-11-10 01:56:41       ruby/ regex/ escaping

Question

I am trying to write a method that is the same as mysqli_real_escape_string in PHP. It takes a string and escapes any 'dangerous' characters. I have looked for a method that will do this for me but I cannot find one. So I am trying to write one on my own.

This is what I have so far (I tested the pattern at Rubular.com and it worked): 

# Finds the following characters and escapes them by preceding them with a backslash. Characters: ' " . * / \ -
def escape_characters_in_string(string)
  pattern = %r{ (\'|\"|\.|\*|\/|\-|\\) }
  string.gsub(pattern, '\\\0') # <-- Trying to take the currently found match and add a \ before it I have no idea how to do that).
end

And I am using start_string as the string I want to change, and correct_string as what I want start_string to turn into: 

start_string = %("My" 'name' *is* -john- .doe. /ok?/ C:\\Drive)
correct_string = %(\"My\" \'name\' \*is\* \-john\- \.doe\. \/ok?\/ C:\\\\Drive)

Can somebody try and help me determine why I am not getting my desired output ( correct_string ) or tell me where I can find a method that does this, or even better tell me both? Thanks a lot!

5 answers

solution1
 11 ACCPTED  2010-11-10 02:49:33

Your pattern isn't defined correctly in your example. This is as close as I can get to your desired output.

Output 

"\\\"My\\\" \\'name\\' \\*is\\* \\-john\\- \\.doe\\. \\/ok?\\/ C:\\\\Drive"

It's going to take some tweaking on your part to get it 100% but at least you can see your pattern in action now. 

  def self.escape_characters_in_string(string)
    pattern = /(\'|\"|\.|\*|\/|\-|\\)/
    string.gsub(pattern){|match|"\\"  + match} # <-- Trying to take the currently found match and add a \ before it I have no idea how to do that).
  end

solution2
 4  2014-01-28 04:56:08

I have changed above function like this: 

  def self.escape_characters_in_string(string)
    pattern = /(\'|\"|\.|\*|\/|\-|\\|\)|\$|\+|\(|\^|\?|\!|\~|\`)/
    string.gsub(pattern){|match|"\\"  + match}
  end

This is working great for regex

solution3
 2  2010-11-10 02:38:52

This should get you started: 

print %("'*-.).gsub(/["'*.-]/){ |s| '\\' + s }
\"\'\*\-\.

solution4
 1  2010-11-10 02:28:13

看一下ActiveRecord清理方法: http//api.rubyonrails.org/classes/ActiveRecord/Base.html#method-c-sanitize_sql_array

solution5
 0  2010-11-10 02:29:15

这里看一下Mysql类中的escape_string / quote方法

暂无
暂无

The technical post webpages of this site follow the CC BY-SA 4.0 protocol. If you need to reprint, please indicate the site URL or the original address.Any question please contact:yoyou2525@163.com.

Related Question Ruby escaping a set of special characters in a string Escaping special characters in ruby Ruby: Escaping String Characters Escaping special characters in cli Escaping special character in Ruby Setting a string of ASCII-art to a variable while escaping special characters Escaping characters in Ruby Shell Deleting all special characters from a string - ruby Is there any way to stop Ruby from escaping characters from input string escaping a string in Ruby
Related Tags
 
粤ICP备18138465号  © 2020-2024 STACKOOM.COM