Checking for valid web address, regular expressions in PHP

I have this text input, and I need to check if the string is a valid web address, like http://www.example.com. How can be done with regular expres开发者_开发百科sions in PHP?

---

Use the filter extension:

filter_var($url, FILTER_VALIDATE_URL);

This will be far more robust than any regex you can write.

---

Found this:

(http|https):\/\/[\w\-_]+(\.[\w\-_]+)+([\w\-\.,@?^=%&:/~\+#]*[\w\-\@?^=%&/~\+#])?

From Here:

A regex that validates a web address and matches an empty string?

---

You need to first understand a web address before you can begin to parse it effectively. Yes, http://www.example.com is a valid address. So is www.example.com. Or example.com. Or http://example.com. Or prefix.example.com.

Have a look at the specifications for a URI, especially the Syntax components.

---

I found the below from http://www.roscripts.com/PHP_regular_expressions_examples-136.html

//URL: Different URL parts
//Protocol, domain name, page and CGI parameters are captured into backreferenes 1 through 4
'\b((?#protocol)https?|ftp)://((?#domain)[-A-Z0-9.]+)((?#file)/[-A-Z0-9+&@#/%=~_|!:,.;]*)?((?#parameters)\?[-A-Z0-9+&@#/%=~_|!:,.;]*)?'

//URL: Different URL parts
//Protocol, domain name, page and CGI parameters are captured into named capturing groups.
//Works as it is with .NET, and after conversion by RegexBuddy on the Use page with Python, PHP/preg and PCRE.
'\b(?<protocol>https?|ftp)://(?<domain>[-A-Z0-9.]+)(?<file>/[-A-Z0-9+&@#/%=~_|!:,.;]*)?(?<parameters>\?[-A-Z0-9+&@#/%=~_|!:,.;]*)?'

//URL: Find in full text
//The final character class makes sure that if an URL is part of some text, punctuation such as a 
//comma or full stop after the URL is not interpreted as part of the URL.
'\b(https?|ftp|file)://[-A-Z0-9+&@#/%?=~_|!:,.;]*[-A-Z0-9+&@#/%=~_|]'

//URL: Replace URLs with HTML links
preg_replace('\b(https?|ftp|file)://[-A-Z0-9+&@#/%?=~_|!:,.;]*[-A-Z0-9+&@#/%=~_|]', '<a href="\0">\0</a>', $text);

---

In most cases you don't have to check if a string is a valid address.

Either it is, and a web site will be available or it won't be and the user will simply go back.

You should only escape illegals characters to avoid XSS, if your user doesn't want do give a valid website, it should be his problem.

(In most cases).

PS: If you still want to check URLs, look at nikic's answer.

---

To match more protocols, you can do:

((https?|s?ftp|gopher|telnet|file|notes|ms-help)://)?[\w:#@%/;$()~=\.&-]+