Portal Home > Knowledgebase > Articles Database > Regex validation


Regex validation




Posted by stuffradio, 08-03-2008, 09:22 PM
I am working on some email thing. I'm parsing an email message, and here is what I want to do but don't know how to do it. The example message coming in should be formatted something like this: Subject: Message: Username: stuffradio password: plaintext Photo caption: Cool stuff! The embedded photo represents the file of the photo being uploaded. I already figured out how to strip the photo from the email and upload it. The "" will be their username in the database. I want to take the argument of the Username which is stuffradio, and password which is plaintext and check the database. The password will be encrypted when checking against the database. Does anyone have any tips on what I need to do here?

Posted by qbert220, 08-04-2008, 10:34 AM
What language are you using to do your parsing? In general you want a regexp like: The round brackets mean capture the matching string. The qurare brackets mean any characters from this group (upper case alpha, lower case alpha and numeric), the + means 1 or more characters. If your username can contain other characters, add them to the list in the square brackets.

Posted by cygnusd, 08-04-2008, 12:52 PM
Hi, Are you parsing the email stream directly? Whatever language/platform you are using, you need to use a MIME parser. Find a MIME library that will help you parse any incoming mail. Also, IMHO, what you are attempting to do maybe quite insecure by the fact that any email can be crafted easily and that verification via the password from the header may not be very effective. I suggest you use additional techniques such as: - use signatures, I.e. One way bashes (e.g. MD5, SHA1) as proof that the email has not been tampered - use ip verification if you use case allows it, read the related RFCs on the related mail headers you can use - use public key encryption, your users needs to submit their piublic keys so you in turn can verify the content Cheers!

Posted by stuffradio, 08-04-2008, 02:21 PM
I'm using PHP. The emails will be sent via mobile phone.

Posted by qbert220, 08-04-2008, 03:59 PM
You may be able to rely on text emails, alleviating the need for mime parsing. In PHP you want to use preg_match. Assuming you have read the body of the email into the variable $body:

Posted by cygnusd, 08-05-2008, 08:14 AM
I suggested the need to use MIME parsers because you _should_ not assume anything from the raw email stream directly. I do think the OP intend to expose this interface to anyone on the internet who have access to email (not limited to mobile subscribers). Anyone then may be able to break the system as easily as attaching a plain text with matching headers. This may be a simple programming exercise (use of regex), but I believe that a validation system (authentication and authorization) needs careful attention especially in terms of security. I suggest you still use a MIME decoder + trace the mail headers to confirm that the email did originate from the Carrier's mail servers. Cheers!

Posted by stuffradio, 08-05-2008, 08:05 PM
You thought wrong buddy It's true that they could use the normal email, but I intend it for mobile browsers only because it's just as easy to upload via the website itself. I also only accept images, not any other file format.

Posted by Burhan, 08-06-2008, 06:25 AM
You need to use /^Username:(.*?)$/



Was this answer helpful?

Add to Favourites Add to Favourites    Print this Article Print this Article

Also Read
Reseller =>Not Found (Views: 591)
Local tide info (Views: 548)