Reputation: 43
Unknown Str_Replace On URL
I am trying to understand this one line of code below:
str_replace('../', '', $route);
Basically it says replace '../' with nothing in $route
$route = 'information/information&information_id=4';
from the url 'index.php?route=information/information&information_id=4'
But there is no ../ in the $route variable. Is it some sort of regex? If yes, what does it exactly do. Thanks guys.
Upvotes: 1
Views: 232
Answers (2)
Reputation: 62395
If there's no ../ in the string, this will replace nothing. It's not a regex (see preg_replace() for that. It's just precaution against someone trying to pass invalid path (starting with ../), which could potentially be an attempt of accessing files outside of webserver's document root (in other words, a hacking attempt).
Upvotes: 2
Reputation: 11395
You are correct in thinking that it replaces "../" with an empty string. It is not regex. There is no occurence of it in your example, but there could be.
It might be used for some sort of security to prevent you from going back up the directory structure from the document root.
Upvotes: 4
Related Questions
- PHP - str_replace not working with URL variable string
- How to use preg_replace on a URL
- php Str_replace Function
- PHP Code to replace special characters in string removes the characters
- PHP str_replace at the URL
- How to fix this preg_replace codes?
- str_replace not replacing a url extracted from a database
- Regex str_replace
- PHP preg_replace problem
- getting a link with str_replace