Retrieving whole URL, even with ampersands, using _GET - php

I made a quick script to retrieve and parse XML. It's simply for internal use and I though that appending the feed URL to the script address would be a convenient way to initialize the script...
www.example.com/feed_analyzer.php?url=www.example.com/an_xml_feed.xml
Then I simply grab the URL...
if (isset($_GET['url'])) {
$xml_url = $_GET['url']
}
...retrieve the file at $xml_url, parse etc.
All was fine until this URL came along with pesky parameters:
www.example.com/an_xml_feed.xml?foo=bar&rice=chips
That of course left me with the URL "www.example.com/an_xml_feed.xml"
I have managed to "patch back together" the whole URL using this clunky code:
if (isset($_GET['url'])) {
foreach($_GET as $key => $value){
$got .= "&".$key."=".$value;
}
$xml_url = ltrim($got,'&url=');
}
Can someone please suggest a more elegant approach.

You can directly use this to get the whole query url:
ltrim($_SERVER['QUERY_STRING'], 'url=');

urlencode() is the way to go :)

Try like this
if (isset($_GET['url'])) {
$query_string = $_SERVER['QUERY_STRING'];
if (!empty($query_string)) {
list($key, $xml_url) = explode('url=', $query_string);
echo $xml_url;
}
}

Related

Redirect with PHP and skip specific parameter

Since I've started using friendly URLS in my website, I'm redirecting every page to the new version, only if the registered user has a "username" in his profile.
So, I'm redirecting from:
https://tribbr.me/post.php?id=850
with:
header("Location:/".$if_username."/post/".$post_id."?".$_SERVER['QUERY_STRING']); exit();
To keep all GET parameters.... but the problem is that this header request, obviously with $_SERVER['QUERY_STRING'] is adding the post id too to the URL, and when redirected, this is the final URL:
https://tribbr.me/TribeMasters/post/850?id=850
Is it possible to just skip the id=850 parameter to the URL redirection? Since it is a duplicated parameter: post/850 and id=850 are the same.
Thanks for helping me :)
#DE_'s answer is best. But If you are not familiar with Regex, This is an alternative way.
function removeGetParam($param){
$params = $_GET;
// removing the key
unset($params[$param]);
// joining and returning the rest
return implode(',', array_map(function ($value, $key) {
return $key.'='.$value;
},$params, array_keys($params))
);
}
$filtered_params = removeGetParam('id');
header("Location:/".$if_username."/post/".$post_id."?".$filtered_params);
David Walsh did a good article on this
https://davidwalsh.name/php-remove-variable
function remove_querystring_var($url, $key) {
$url = preg_replace('/(.*)(?|&)' . $key . '=[^&]+?(&)(.*)/i', '$1$2$4', $url . '&');
$url = substr($url, 0, -1);
return $url;
}

how to php only allow only special parameter in url or redirect to other

I need help to write function which help me clean out any unusual ( not allow in array list) then redirect to right url
eg my original is /modules.php?aaa=111&bbb=2
the var aaa and bbb is alow using on urls ,
if some one ads other var to url incase you mess up or want to overhead the server they will redirect back to original one.. but cut all invalid param out.
eg: /modules.php?aaa=111&notgood=999&bbb=2
will redirect back to
modules.php?aaa=111&bbb=2
the &notgood=999 or any other will be strip out..
$goodvar = array("aaa","bbb");
$requesturi = $_SERVER['REQUEST_URI'];
if /// Need help : if other query not in the list of good var will be clean out of requesturi to build NEWrequesturi
{
header("Location: ".$NEWrequesturi,TRUE,301); exit; die();
}
thanks very much
kind regards
<?php
$good_var = ["aaa", "bbb"];
$query_params = explode(".php?", $_SERVER['REQUEST_URI'])[1];
$all_query_data = explode("&", $query_params);
$data_set = [];
foreach ($all_query_data as $query_value) {
$param = explode("=", $query_value);
$data_set[$param[0]] = $param[1];
}
$paased_args = array_keys($data_set);
if (empty(array_diff($paased_args, $good_var))) {
echo "Url is good";
// do whatever you want when url is good
} else {
echo "Url tempered";
//url has been tempered do as you wish
}

PHP Array to string conversion with preg_match

I have this error while I'm using this my script:
$pages = array('/about.php', '/');
//...............function text here................//
$ua = $_SERVER['HTTP_USER_AGENT'];
$mobiles = '/iphone|ipad|android|symbian|BlackBerry|HTC|iPod|IEMobile|Opera Mini|Opera Mobi|WinPhone7|Nokia|samsung|LG/i';
if (preg_match($mobiles, $ua)) {
$thispage = $_SERVER["HTTP_HOST"].$_SERVER["REQUEST_URI"];
if ($thispage == $_SERVER["HTTP_HOST"].$pages) {
ob_start("text");
}
}
This script changes certain pages style depending on user's useragent. I need this script in such way. But I don't know how to make it in PHP properly. Maybe I need some "foreach ($pages as $i)"? But it didn't work in a way I made it.
You are trying to check if the "requested resource" $_SERVER["REQUEST_URI"] is in predefined list of resource paths.
Change your condition as shown below(using in_array function):
...
if (in_array($_SERVER["REQUEST_URI"], $pages)) {
ob_start("text");
}

Redirect post request to get using PHP

I need a PHP script that gets a POST request and redirects it to another page as a GET request with all parameters in the URL.
Is this possibile?
You can use the function http_build_query() to generate the GET query string from $_POST.
Afterwards attach it to the redirect URL and use header() with Location for the redirect, for example:
$newURL = 'http://example.com/script.php?' . http_build_query($_POST);
header("Location: {$newURL}");
$URL = "http://thatpage.com/thatpage.php?";
foreach($_POST as $key=>$value) {
$URL +="$key=$value&";
}
then open that $URL page
you need to parse the $_POST variable in order to create a complete GET URL
This question could help you to parse the $_POST array
PHP Parse $_POST Array?
Something like:
foreach($_POST as $k => $v)
{
$getString .= $k . '=' . $v . '&';
}
should format the POSTed variables in the proper format.

How to pass GET variables from php to php on another server

In a php script I am receiving some data:
$data = $_POST['someData'];
How can I do something like this:
goToThisUrl( "http://someDomain.com/someScript.php?data = ".$data );
or if it is easier how can I do it by POST?
BTW.
This is not happening in a browser, the first php script is getting called by a cart when the order is paid for (if it makes any difference)
Replace goToThisUrl with the real function file_get_contents and remember to urlencode($data) and that would work just fine.
If you want to POST the data instead, look at cURL. Typing "[php] curl post" into the search box will get you the code.
If you want to send the user there, then:
header('Location: http://someDomain.com/someScript.php?data='.$data);
exit;
Or if you just want to call the other server, you can do:
$response = file_get_contents('http://someDomain.com/someScript.php?data='.$data);
Both assume data is already a urlencoded string, you might want to use 'data=' . urlencode($data) or just http_build_query($data) otherwise.
foreach ($_POST as $key => $val) {
$qs = urlencode($key) . "=" . urlencode($val) . "&";
}
$base_url = "<url here>";
$url = $base_url . "?" . $qs;
header('Location: $url'); exit();

Categories