Home » Php » php – preg_replace causing dollar signs get removed

php – preg_replace causing dollar signs get removed

Posted by: admin July 12, 2020 Leave a comment


I have an email system, where user write a message and it will send the message.
The main problem which I just found, consider this code

    $findEmail = $this->Data->field('body', array('id' => 1610));

    //$getUserEmailTemplate will take frm dbase and e.g: 
    //Hi, @@[email protected]@. From: StackOverflow
    //It should change @@[email protected]@ part to data from $findEmail (in this example is the $74.97 ...)

    $getUserEmailTemplate = $findUser['User']['email_template'];
    $emailMessage = preg_replace('/\[email protected]@[email protected]@\B/u', $findEmail, $getUserEmailTemplate);


and consider this input for the email for $findemail result:


$email Message will result in:


How can I fix this? I feel like there’s problem with my preg_replace pattern.

User template can be anything, as long as there is @@[email protected]@ which, that part will be changed to the user message input.

Thank you

How to&Answers:

Pre-parse the replacement text to escape the $ when followed by a number (remember that $n has special meaning when using in the replacement text). See the comment on the php.net docs page:

If there’s a chance your replacement text contains any strings such as
“$0.95”, you’ll need to escape those $n backreferences:

  function escape_backreference($x){
    return preg_replace('/$(\d)/', '\$$1', $x);


The high-voted function escape_backreference is incomplete in the general case: it will only escape backreferences of the form $n, but not those of the form ${n} or \n.

To escape any potential backreferences, change

    $emailMessage = preg_replace('/\[email protected]@[email protected]@\B/u', $findEmail, $getUserEmailTemplate);


    $emailMessage = preg_replace('/\[email protected]@[email protected]@\B/u', addcslashes($findEmail, '\$'), $getUserEmailTemplate);


If (ever) an template hast been in $getUserEmailTemplate, you did overwrite (destroy) it with this line;

$getUserEmailTemplate = "@@[email protected]@";

So just remove this line and make sure, $getUserEmailTemplate really contains anything and best of all a template.


Here is the reason:

The $1 portion of a replacement text stands for the first group/match found. So if you have abc 123 and you try preg_match('/([\w]+)-([\d]+)/'), regex will store internally something like $1 = abc and $2 = 123. Those variables are going to exists, even if they have no value.

So, for example:

$text = '[shortcode]';
$replacement = ' some $var $101 text';
$result = preg_replace('/\[shortcode\]/', $var, $text);
// returns "some $var 1 text"

As the match group $10 is empty is going to be replaced by a null string.

That’s why you need to scape any $NN from your REPLACEMENT text before running the preg_replace function.

Happy coding.


Guess your template just includes “pure” PHP and tries to use $74 as variable, which does not exist and does not hold any data. So change the quotes in the template to single quotes '.

guessed template:

$tpl = "Sum: $74.97"; //results in "Sum: .97"

corrected template:

$tpl = 'Sum: $74.97'; //results in "Sum: $74.97"