[nycphp-talk] Replace restrictions
csnyder
chsnyder at gmail.com
Tue Apr 12 10:26:04 EDT 2005
On Apr 11, 2005 3:25 PM, Spot <spot at deviantart.com> wrote:
> Each comment goes through quite a few search/replace operations. We have
> some malicious users posting comments with thousands of emoticons (for
> example) but we have not located an efficient way to limit this since
> all search/replace function do not have a limiting option.
I'm guessing that you need to parse each comment every time its
displayed for this to really be a problem... if you were only parsing
on insert, you could discard any comments that had thousands of
anything.
One way to limit search and replace operations is to use the slower
but more controllable preg_match_all(), and check how many matches
were found before carrying out the replacements using the matches
array (with captured offsets). This is probably way too bulky to use
on every comment view, but should be fine on comment insertion.
You should definitely be caching parsed comments, though.
More information about the talk
mailing list