TPToolPazar
Ana Sayfa/Rehberler/Regex Cheat Sheet All Patterns Explained

Regex Cheat Sheet All Patterns Explained

📖 Bu rehber ToolPazar ekibi tarafından hazırlanmıştır. Tüm araçlarımız ücretsiz ve reklamsızdır.

Core syntax recap (in 90 seconds)

A complete regex reference: every operator, the difference between flavors (ECMAScript, PCRE, Python, Go RE2), and 30 patterns that cover ~95% of real-world matching tasks. Each pattern is shown with input, output, and a flavor compatibility note. Use this as a working reference — bookmark it, search-in-page for what you need, copy and adapt.

Anchors and boundaries

Most regex tutorials over-explain syntax and under-explain the engine differences that bite you in production. This guide goes the other way: short syntax recap, long pattern library, and explicit flavor warnings.

Quantifiers: greedy vs lazy vs possessive

Three quantifier strategies in modern regex engines (not all flavors support all three):

Character classes and shortcuts

Zero-width assertions: they check whether a position has certain context, but don’t consume characters.

Groups, captures, backreferences

Each pattern is in ECMAScript flavor unless noted. Translate as needed.

Lookahead and lookbehind

Don’t try to match RFC 5321 — the full spec regex is 6,425 characters. The above accepts ~99.9% of real emails and rejects most invalid input. For bullet-proof validation, send a confirmation email instead.

Engine differences (ECMAScript, PCRE, Python, Go)

Matches: (415) 555-1234, 415-555-1234, 415.555.1234, 4155551234.

Common patterns: validation

Better approach: skip composition rules entirely, require length 12+, and check against breach databases (HIBP). Modern security guidance has moved away from composition requirements.

Email (pragmatic)

Captures: $1 = link text, $2 = URL.

URL (HTTP/HTTPS)

For real CSV with quoted fields and embedded commas, use a CSV parser library.

US phone number

Regular Expression Denial of Service (ReDoS) is a real attack class. Vulnerable patterns have nested quantifiers that produce exponential paths on adversarial input. The classic example:

IPv4 address

Common ReDoS patterns to audit:

Strong password (8+ chars, mixed case, digit, special)

ISO 8601 date (YYYY-MM-DD)

Hex color