1

I am building a system where the user builds a query by selecting his operands from a combobox(names of operands are then put between $ sign).

eg. $TotalPresent$+56
eg. $Total$*100
eg 100*($TotalRegistered$-$NumberPresent$)

Things like that, However since the user is allowed to enter brackets and the +,-,* and /. Thus he can also make mistakes like

eg. $Total$+1a
eg. 78iu+$NumberPresent$

ETC...

I need a way to validate the query built by the user.

How can I do that ?

Improve this question

3 Answers 3

Reset to default
1

A regex will never be able to properly validate a query like that. Either your validation would be incomplete, or you would reject valid input.

As you're building a query, you must already have a way parse and execute it. Why not use your parsing code to validate the user input? If you want to have client-side validation you could use an ajax call to the server.

Improve this answer
Sign up to request clarification or add additional context in comments.

Comments

0

I need a way to validate the query built by the user.

Personally, I don't think it is a good idea to use regex here. It can be possible with help of some extensions (see here, for example), but original Kleene expressions aren't fit for checking whether unlimited number of parentheses is balanced. Even worse, too difficult expression may result in significant time and memory spent, opening doors to denial-of-service attacks (if your service is public).

You can make use of a weak expression, though: one which is easy to write and match with and forbids most obvious mistakes. Some inputs will still be illegal, but you will discover that on parsing, as Menno van den Heuvel offered. Something like this should do:

^(?:[-]?\(*)?(?:\$[A-Za-z][A-Za-z0-9_]*\$|\d+)(?:\)*[+/*-]\(*(?:\$[A-Za-z][A-Za-z0-9_]*\$|\d+))*(?:\)*)$
Improve this answer

Comments

0

Hey guys I managed to get to my ends(Thanks to Anirudh(Validating a String using regex))

I am posting my answer as it may help further visitors.

 string UserFedData = ttextBox1.Text.Trim().ToString(); 
  //this is a regex to detect conflicting user built queries.
   var troublePattern = new Regex(@"^(\(?\d+\)?|\(?[$][^$]+[$]\)?)([+*/-](\(?\d+\)?|\(?[$][^$]+[$]\)?))*$");
   //var troublePattern = new Regex(@"var troublePattern = new Regex(@"^(?:[-]?\(*)?(?:\$[A-Za-z][A-Za-z0-9_]*\$|\d+)(?:\)*[+/*-]\(*(?:\$[A-Za-z][A-Za-z0-9_]*\$|\d+))*(?:\)*)$");
 string TroublePattern = troublePattern.ToString();


//readyToGo is the boolean that indicates if further processing of data is safe or not
                        bool readyToGo = Regex.IsMatch(UserFedData, TroublePattern, RegexOptions.None);
Improve this answer

4 Comments

??? Why you use TroublePattern and not just troublePattern.IsMatch(UserFedData) ?..
Because of the datatype of parameters of the Regex.IsMatch. It should be (string,string,RegexOption).
It is not the only option. Also, string "100*($Total+20k*Registered$-$NumberPresent$)" matches your regex despite being illegal.
The words to be in between the $ sign would be chosen from a combobox. And as far as i remember there isn't anything as you have typed above. So as i said MY ends are met by the regex.

Your Answer

By clicking “Post Your Answer”, you agree to our terms of service and acknowledge you have read our privacy policy.

Start asking to get answers

Find the answer to your question by asking.

Ask question

Explore related questions

See similar questions with these tags.