sanitize string using whitelist regex php

Question

I want to sanitize a $string using the next white list:

It includes a-z, A-Z,0-9 and some usual characters included on posts []=+-¿?¡!<>$%^&

Answer 1

If you known your white list characters use the white list in the regex instead of including the black list. The blacklist could be really big. Specially if the encoding something like UTF-8 or UTF-16

There is a lot of ways to do this. One could be to create a regex with capture groups of the desired range of posibilities (also include the spaces and new lines) and compose a new string with the groups.

Also take carefully that some of the characters could be reserved regex characters and need to be scaped. Like "[ ? +"

You could test a regex like:

$string ="Your test string";
$pattern= "([a-zA-Z0-9\[\]=\+\-\¿\?¡!<>$%\^&\*'\"\sñÑáéíóúÁÉÍÓÚ]+)";
preg_match_all($pattern, $string, $matches);
$newString =  join('', $matches);

This is only and simple example of how to apply the whilte list with the regex.