|
Jeroen_R wrote: if it needs comments to be readable, something's very wrong.
That's true in the general case, but the exceptions are legion.
I'd argue regex is one of those exceptions. There is simply not a more compact and efficient way to tokenize or match flat text than DFA regular expressions.
Sure you could try writing it out, but I have. Try your hand at creating a more verbose language than regex and see what it looks like.
I wrote one that allows you to describe regular expressions using a BNF notation variant. The result required too much typing, let's put it that way, even though BNF is fairly compact as well.
If there's a better mousetrap, nobody seems to have found it yet.
Check out my IoT graphics library here:
https://honeythecodewitch.com/gfx
And my IoT UI/User Experience library here:
https://honeythecodewitch.com/uix
|
|
|
|
|
This is the most runaway thread on CP in a long while. Way to poke the bear.
|
|
|
|
|
I blank out on regular expressions. Too much like learning a new language. The other day, I needed to get 0 or more leading characters from a string (as an int). I Googled (regex), I went, I left.
Coding challenge: get leading digits (I settled for LINQ)
var text = "123rd NY 2nd Battalion".
var count = text.TakeWhile( c => Char.IsDigit( c ) ).Count();
int i = count > 0 ? ConvertToInt32( text.SubString( 0, count) ) : 0;
Answer: 123
"Before entering on an understanding, I have meditated for a long time, and have foreseen what might happen. It is not genius which reveals to me suddenly, secretly, what I have to say or to do in a circumstance unexpected by other people; it is reflection, it is meditation." - Napoleon I
|
|
|
|
|
^[0-9]+
Check out my IoT graphics library here:
https://honeythecodewitch.com/gfx
And my IoT UI/User Experience library here:
https://honeythecodewitch.com/uix
|
|
|
|
|
i requested ChatGBT "please write a regular expression which identifies the numerical digits beginning a text ."
its response below .
^\d+
is it wrong ? was my request incorrect ?
|
|
|
|
|
It won't identify them, but it'll match them. Getting it to assign that value or print it out involves more code not related to regex.
|
|
|
|
|
i enjoy the challenge of learning / writing regular expressions for my text editing of source code . as in all things mastering it is the same as being invited to perform at Carnegie Hall id est "practice practice practice" . my purpose in this post though is to express my impression from these many and expert posts utilizing fancy schmancy terms of which i do not know which seem to indicate regular expressions are more powerful / advanced / sophisticated than i know as i understand them to be nothing more than a text editing convenience . may i please inquire am i wrong in this regard . thank you kindly .
|
|
|
|
|
They're for text processing, but for more than text editing.
The C# compiler for example, almost certainly uses a tokenizer built up of regular expressions.
That said, you're basically not wrong. I mean, tokenization is almost like text matching, but with a twist.
Check out my IoT graphics library here:
https://honeythecodewitch.com/gfx
And my IoT UI/User Experience library here:
https://honeythecodewitch.com/uix
|
|
|
|
|
If you like to read technical stuff then "Mastering Regular Expressions" by Friedl (yes spelled like that.)
Not only interesting but a bit scary since it provides examples that will shut down your system.
|
|
|
|
|
|
Of course abuse of QR codes is obvious.
QR codes can be phishing scams in disguise, warns the FTC - The Verge[^]
But I encounter this real scenario....
Went to park at a downtown parking lot that I had not parked at for quite some time (pre-covid probably).
Before there used to be credit card reader kiosk. Those have been around for a while.
Now all there is is a sign, rather large one, with a message like 'Use the QR code to pay'. Then of course a QR code.
It is trivially simple to print out a QR code and just cover up the real one. Not even sure in this case that replacing it would require more than just someone that was a bit taller than average.
One could likely do that on quite a few lots in one night.
It would be days or even weeks before anyone figured it out. Even if a diligent check of proceeds from one lot showed reduced revenue I bet figuring out why would take some time and one lot owner would probably just fix their own lots.
And they would be unlikely to rescind tickets, handed out of course because the real QR code wasn't used, unless a government agency started getting involved. Perhaps not even then.
|
|
|
|
|
This.
The only time I've ever read QR codes was to use them as input to an app showing the actual target URL (but NOT actually following it).
Clearly, as you've described, this is ripe for abuse.
|
|
|
|
|
So this lot has an honor system for paying? No gate at the exit that requires some confirmation of payment (ex. a "paid" ticket be inserted / scanned)?
|
|
|
|
|
There has to be more to it than that. Most car parks use ANPR, so the driver would need to connect his payment to the car's index plate in some way.
|
|
|
|
|
Richard MacCutchan wrote: Most car parks use ANPR Not in my little slice of the world. Our parking lots are either 100% free or they issue a ticket upon arrival that needs to be paid upon leaving.
|
|
|
|
|
Over here they have all switched to ANPR. And in some places you also need a parking app on your mobile phone in order to pay.
|
|
|
|
|
Not sure I'd call that progress...
|
|
|
|
|
Nor me; there are plenty of people in the UK who cannot use car parks because of it.
|
|
|
|
|
The app is the key to hackers not being able to “easily” hack the QR code.
The QR code has to match inside the app or else it doesn’t work.
That’s why I thumbed up your message — not necessarily because QR codes are the best way to solve his problem.
But, at least, the hacker cannot just replace the QR code and take payment.
Although I guess, the hacker could replace the QR code and the unwitting victim who doesn’t know you need the app could just pay directly to the hacker so that may be a point too.
Hmmm.. interesting.
|
|
|
|
|
The QR code itself, at the physical level, is just an encoding of a bit stream, length given by the size (in b/w squares) of the code. Go up one (or two) levels, and first bits are a tag indicating the meaning, or semantics, of the rest of the bit stream. It doesn't have to be a URL, but that is what most people have seen it as.
If it really is a URL (which is quite likely) to a web service for the user to transfer money from his bank account to the parking service, replacing it with a URL to another web service for the user to transfer money from his bank account to someone else's bank account is not that difficult. As long as you need to establish some contractual agreement with the parking lot before parking there, you can in theory have a white list of money recipients, to prevent this kind of fraud - but it doesn't work in practice: There will be lots of parking lots where you do not have any prior agreement, so you have to accept the web service that comes up when you go to the QR supplied URL. There is no easy way for you to know whether it is real or fake.
In the metal days, you could be reasonably sure that the coins you dropped into the slot actually landed in the money box of the parking lot owner. Today you can't be that certain about the owner receiving the right bits. I sort of trust(ed) coins a lot more.
|
|
|
|
|
raddevus wrote: The app is the key to hackers not being able to “easily” hack the QR code.
To be clear there is no "app" from the person using the parking lot. It is just a QR code. The one I saw did not even specify anything else. Not a lot number, not a company. And that part of the sign could have been replaced (covered up) with an additional sign also but with more difficultly since it was higher.
For the QR code it is quite easy.
They scan the QR. It goes to a site that looks like you can pay to park. Probably would not even need to specify the lot. And take a credit card. Or better an alternative payment form.
The site is set up specifically for the scam. It can be legitimized by running a real service via it for some period of time (perhaps selling something trivial on ebay.)
|
|
|
|
|
Here in Norway, toll road booths are history: If you do not have an car ID chip glued to your windshield (or they have problems reading it), they use ANPR. Same for most ferries: Car ID chip if you have got it, otherwise ANPR. Automatic speed ticketing has been using ANPR since the day of dawn.
For a number of years, foreign cars could do as they like - park anywhere. drive at any speed, drive on toll roads ... Ferries were the last to go to ANPR. At that time, international coordination had come so far that you would find a bill in your mailbox when returning home. If you haven't already got an ID chip in your car (of the standard used in Europe), you can get one at the customs office at the national border, and tell which account to charge for all parking, toll roads, ferries etc., and you don't have to worry about it.
Some indoor parking houses have been using ANPR for many years. After I scrapped my old car, 6 years ago, I received a dozen of tickets from one parking house 500 km from here, for having driven off without paying. Before scrapping the car, I tried to sell it through a web site, presenting photos with the number plates visible. Obviously, someone had figured that with a felt tip pen, they could change their registration plates to resemble my number, and the arguments would be between the buyer of my car and me. I found no buyer, and scrapped the car. Only with the formal documents showing that the car had been demolished days and weeks before even the first parking ticket, did I avoid going to court for not paying my debts.
The only bad thing is that you are tracked 'all the time', anywhere any service finds a reason to read your car's ID chip or number plate. That is almost everywhere, especially around big towns and along big highways, with a lot of toll stations. I don't like being tracked and monitored everywhere; it gives me a feeling of Big Brother.
Maybe even scarier is if you can persuade young people to actually read 1984, and they fail to see the point, 'Yes, they knew where Winston was at any time, and what he was doing. What's the real problem? We do that all the time!'
|
|
|
|
|
Richard MacCutchan wrote: There has to be more to it than that
Here, they have people that check the lots on a periodic basis.
How do I know this? Due to various reasons at different lots I came out to a ticket on the car.
Why do that? The lots are surface level so would tend to be small. I have seen lots and parked in one with only about 10 parking slots. So buying and servicing the tech is probably not worth it.
But could also be some regulatory control as well.
|
|
|
|
|
lot of places use honor system.
No need to maintain a gate that's always broken or a pay booth that never works.
Street side parking with parking meters also work that way.
You can take the chance that no one will come and check the meter, or just pay.
we got stuck 30 minutes at an airport gate once with a long line of cars behind us waiting for the sole attendant to come in and fix the gate.
CI/CD = Continuous Impediment/Continuous Despair
|
|
|
|
|
Maximilien wrote: No need to maintain a gate that's always broken or a pay booth that never works. Instead they get to maintain an electronic payment system (that can be easily hacked) and automatic systems to scan license plates and issue tickets.
Poe-tay-toe vs. Puh-tah-toe.
|
|
|
|