qstring

**decipher** · 11th March 2013, 08:43

Hi
qString str=â€œHi my name is Dave, I am using Qt to do my project.â€

Can I use some thing like * or ?
str2="hi my name is ?, I am using ? to do my project."

if I compare str2 with str, It should give me Dave and Qt. Something like string Template match.
Please guide.
Thank you

**wysota** · 11th March 2013, 10:01

See QRegExp

**decipher** · 12th March 2013, 04:21

Qt Code:

Switch view

QString str="my name is dave";
    QRegExp rx("my name is *");
    rx.setPatternSyntax(QRegExp::Wildcard);
   int pos = 0;
   while ((pos = rx.indexIn(str, pos)) != -1) {
qDebug()<< rx.capturedTexts();
 
   qDebug() << rx.cap(1);
   pos += rx.matchedLength();
   }

QString str="my name is dave";
    QRegExp rx("my name is *");
    rx.setPatternSyntax(QRegExp::Wildcard);
   int pos = 0;
   while ((pos = rx.indexIn(str, pos)) != -1) {
qDebug()<< rx.capturedTexts();

   qDebug() << rx.cap(1);
   pos += rx.matchedLength();
   }

To copy to clipboard, switch view to plain text mode

This is not working...please help...thank you

**ChrisW67** · 12th March 2013, 06:10

In order to capture parts of the matched text you need to mark the parts you want in the expression with capturing parentheses. Capturing parentheses are not part of the QRegExp::Wildcard matching scheme, you need to use the default regular expression mode.

See Capturing Text in the friendly manual.

**decipher** · 12th March 2013, 06:30

Thanks Chris...
I removed rx.setPatternSyntax(QRegExp::Wildcard)...
and modified as below...still I am unable to get my required answer that is Dave.

Qt Code:

Switch view

QRegExp rx("my name is ((s*))");

QRegExp rx("my name is ((s*))");

To copy to clipboard, switch view to plain text mode

I Even tried //s*. w*...
Not getting...Regex is too hard.

**wysota** · 12th March 2013, 08:20

((s*)) means "any number of "s" characters". Is that really what you want?

**prabhudev** · 12th March 2013, 08:34

Qt Code:

Switch view

QString str="my name is dave. I am learning QT";
   QRegExp rx("my name is (\\w*). I am learning (\\w*)");

QString str="my name is dave. I am learning QT";
   QRegExp rx("my name is (\\w*). I am learning (\\w*)");

To copy to clipboard, switch view to plain text mode

working fine....
I am able to extract dave and Qt

**lanz** · 12th March 2013, 08:39

You need escape characters before special characters in regexp, or they'll be treated as plain characters.
Don't forget to escape escape character in code

For your example:

Qt Code:

Switch view

QString str="my name is dave";
QRegExp rx("my name is (\\w+)");
int pos = 0;
 
while ((pos = rx.indexIn(str, pos)) != -1) {
	qDebug() << rx.capturedTexts();
	qDebug() << rx.cap(1);
 
	pos += rx.matchedLength();
};

QString str="my name is dave";
QRegExp rx("my name is (\\w+)");
int pos = 0;

while ((pos = rx.indexIn(str, pos)) != -1) {
	qDebug() << rx.capturedTexts();
	qDebug() << rx.cap(1);

	pos += rx.matchedLength();
};

To copy to clipboard, switch view to plain text mode

Also there's site that I use when trying to come up with particular regexp, hope you find it useful:
http://gskinner.com/RegExr/

**decipher** · 13th March 2013, 07:17

the string read from the file is below
reject tcp any any -> any any (content:"twitter.com";msg:"TWITTER1 BEING ACESSED";sid:41325;rev:001

Qt Code:

Switch view

QRegExp re("(\\w*) tcp (\\w*) any -> any any \\(content:((\"([A-Za-z0-9_\\./\\-$\\s]*)\"));msg:((\"([A-Za-z0-9_\\./\\-$\\s]*)\"));sid:(\\w*);");
 
 while((pos=re.indexIn(str, pos))!=-1){
 
            list << re.cap(1);//gives first field from string
            list << re.cap(2);//gives 3rd field
            list << re.cap(3);//gives content
            list << re.cap(6);//gives msg
            list << re.cap(9);//gives sid
 
            pos+=re.matchedLength();
 
        }

QRegExp re("(\\w*) tcp (\\w*) any -> any any \\(content:((\"([A-Za-z0-9_\\./\\-$\\s]*)\"));msg:((\"([A-Za-z0-9_\\./\\-$\\s]*)\"));sid:(\\w*);");

 while((pos=re.indexIn(str, pos))!=-1){

            list << re.cap(1);//gives first field from string
            list << re.cap(2);//gives 3rd field
            list << re.cap(3);//gives content
            list << re.cap(6);//gives msg
            list << re.cap(9);//gives sid

            pos+=re.matchedLength();

        }

To copy to clipboard, switch view to plain text mode

The above regex gives me reject, any, twitter.com, twitter being accessed, 41325
but for that i have to choose 1,2,3,6,9 fields out of the re.cap coz the line has multiple line of quotes.

but the same doesn't work for the below string
alert tcp 192.168.1.9 any -> any any (content:"www.gmail.com";msg:"gmail being ACCESSED";sid:41330;rev:001

please help

**lanz** · 13th March 2013, 07:57

I suggest you used a number of simple regexps instead of one complex one trying to capture everything.
For example your string is "word word ip word -> word word parenthesized_expr"
So I would captured it like that (double backslashes omitted for clarity)
"(\w+)\s+(\w+)\s+([0-9\.])\s+(\w+)\s*->\s*(\w+)\s+(\w+)\s*($[^$]*)\))"
Then take a look at parenthesized_expr (which is in your capture group 7)
(content:"address";msg:"text";sid:num;rev:num; )
Then write a couple of regexps, like "content:\"([A-Za-z0-9_\./\-$\s]*)\"" and others.
Divide and conquer

**ChrisW67** · 13th March 2013, 08:12

Do you expect "\\w*" to match "192.168.1.9"? You have a few redundant sets of () in the expression that make it uglier than it needs to be.

Try these (you will have to escape the backslashes in C++):

Qt Code:

Switch view

(\S+)\s+tcp\s+(\S+)\s+any\s+->\s+any\s+any\s+\(content:"([^"]+)";msg:"([^"]+)";sid:(\d+)
(\S+)\s+tcp\s+(\S+)\s+any\s+->(?:\s+any){2}\s+\(content:"([^"]+)";msg:"([^"]+)";sid:(\d+)
(\S+)\s+tcp\s+(\S+)[^(]+\(content:"([^"]+)";msg:"([^"]+)";sid:(\d+)

(\S+)\s+tcp\s+(\S+)\s+any\s+->\s+any\s+any\s+\(content:"([^"]+)";msg:"([^"]+)";sid:(\d+)
(\S+)\s+tcp\s+(\S+)\s+any\s+->(?:\s+any){2}\s+\(content:"([^"]+)";msg:"([^"]+)";sid:(\d+)
(\S+)\s+tcp\s+(\S+)[^(]+\(content:"([^"]+)";msg:"([^"]+)";sid:(\d+)

To copy to clipboard, switch view to plain text mode

Move some parentheses if you want the quotes that surround content and msg to be captured. If acceptable for your purposes you could run QString::simplified() over the test string first and remove the need to look for repeated whitespace separators.

**decipher** · 13th March 2013, 09:36

Thanks Cris I realized after posting that...now using this 1..its serving my purpose...but its ugly..I am trying ur suggestions

Qt Code:

Switch view

QRegExp re("(\\w*) tcp ([a-zA-Z0-9.]*) any -> any any \\(content:((\"([A-Za-z0-9._:\\./\\-$\\s]*)\"));msg:((\"([A-Za-z0-9_\\./\\-$\\s]*)\"));sid:(\\w*);")

QRegExp re("(\\w*) tcp ([a-zA-Z0-9.]*) any -> any any \\(content:((\"([A-Za-z0-9._:\\./\\-$\\s]*)\"));msg:((\"([A-Za-z0-9_\\./\\-$\\s]*)\"));sid:(\\w*);")

To copy to clipboard, switch view to plain text mode

Thread: qstring

Thread Tools

Search Thread

Display

qstring

Re: qstring

Re: qstring

Re: qstring

Re: qstring

Re: qstring

Re: qstring

Re: qstring

Re: qstring

Re: qstring

Re: qstring

Re: qstring

Similar Threads

QtDBus: Using <QMap<QString, QString> results in compile error

Error: passing 'const QString' as 'this' argument of 'QString& QString::operator=

Searching a QString inside another QString (not using string literals)

Parameter passing and return values of type QString/QString&

undefined reference to `compare::searchTwo(QString, QString, QString)'

Bookmarks

Bookmarks

Posting Permissions