26.May.2009 at 02:20 by Chris Tankersley
Tokens are definitely next on my list of things to learn better, and this talk gave a great overview on why they are much easier than regular expressions in some cases.
Out with Regex, In with Tokens
Sean Coates (22.May.2009)
Talk at php|tek 2009 (English - US)
Parsing user input, creative data, and HTML is hard. I'm sure you've whipped up some pretty creative regular expressions that //almost// work //most// of the time when dealing with these things, but it's often easy for attackers, or even non-malicious end-users to trip up your carefully crafted regex and make your pages look horrible (or worse). In this talk, we'll discuss a few practical examples of how taking a token-based approach to parsing code and markup can save you plenty of time in the long run, and more importantly, will actually prevent your replacements from failing.
Quicklink: https://joind.in/199
Slides: Out with Regex, In with Tokens
Who are you?
By clicking this button you are declaring that you are the speaker responsible for it and a claim request will be sent to the administrator of the event.
If the claim is approved you will be able to edit the information for this talk.
Are you sure?
Comments
22.May.2009 at 15:58 by Chris Cornutt
Nice overview of everything tokeney - love the content, especially the "don't regex validate email addresses" comments. It's amazing to me how many people spend so much time trying to do that.