PHP - GET url encode #, \ and & sign - php

This PHP code:
$test = '#&\\';
echo rawurlencode($test);
Results in this:
http://example.com/test=%40%26%5C
Which in a $_GET request in a url becomes something like this:
test=#&\
The above is not an allowed $_GET variable.
How can I still use a $_GET variable with these values, encode them and decode them back to get these values?

The URL will most certainly be http://example.com/test=%40%26%5C if you create the URL as http://example.com/test=%40%26%5C. When PHP receives a request for this URL, PHP automatically decodes the query string and puts it into $_GET. The URL didn't change, you simply have the decoded value of the query string available to your PHP script in the $_GET variable.
Additionally the browser may decide to display the URL in a decoded form in the address bar for usability/readability. It does not mean that the actual URL contains #&\ characters.

Related

How to remove ampersand and get value from url in php

I have a url in which value is coming with ampersand so i want to get value
from that url but due to ampersand this value is coming wrong.So is there
any way to remove ampersand and get the actual value from the url.Because
i have survey website in which whenever user will complete the survey it will automatically redirect on the callback url,so they use ampersand with
the variable.
My url is like this:-
http://testdomain.com/webservices/v1/api/survey_submit?ssi=%127%&ssi2=%1.80%
Php code is:-
<?php
echo $_GET['ssi'];
?>
its value should come 127 but it is showing wrong value 7%.Is it
possible to get the value ampersand sign.
Have a look about strtok() at http://php.net/manual/en/function.strtok.php

I want to display encoded url that I pass to this page

I want to print encoded url with the help of echo, for example I send variables like this:
"http://www.indiandeal.in/test.php?go=http://www.facebook.com/indiandeal"
It is working fine if I pass any variable but not with encoded url string. Normal url string works fine.
i don't want to encode the url.
i want this to work
http://www.indiandeal.in/test.php?go=http%3A%2F%2Fwww.facebook.com%2Findiandeal&123=234
this should print the url as
www facebook com indiandeal&123=234
but it displaying only
http www facebook com/indiandeal
Here is my code:
<!DOCTYPE html>
<html>
<body>
<?php
$txt1 = $_GET["go"];
echo $txt1;
?>
</body>
</html>
If you pass an encoded url it will automatically be decoded
Warning
The superglobals $_GET and $_REQUEST are already decoded.
Using urldecode() on an element in $_GET or $_REQUEST could have
unexpected and dangerous results.
If you still want to see it encoded you can use urlencode()
Edit based on your comment.
If you want to save the encoded version of your request variable named go you can do
echo urlencode($_GET['go']); // this encodes it again
//echo urlencode("http://www.facebook.com/indiandeal");
Output
http%3A%2F%2Fwww.facebook.com%2Findiandeal
Try this it will work :
A querystring may contain several key-value pairs. When there is more than one key-value pair, they are typically separated by ampersands (&).
input :
http://www.indiandeal.in/test.php?go=http%3A%2F%2Fwww.facebook.com%2Findiandeal&123=234
Here, $_GET["go"] only gives you the value associated with go.For access the whole query string you have to use this :
The raw, unprocessed query string can be retrieved by the QUERY_STRING server variable:
echo $_SERVER['QUERY_STRING'];

How do I pass one PHP url as a php variable in another URL without that syntax messing up the variables?

I have a download page that take arguments like the download URL, the download-counter data file url, and the page to return to after downloading.
It is arranged like so:
start.php?url=...&page=...&file=...
(Download url, redirect page, counter file)
The problem is, when the redirect page contains PHP arguments with ? and & symbols, the URL becomes a confusing mess for PHP to work with.
Example:
start.php?url=URLTEXT&page=page?test1=x&test2=xx&file=FILETEXT
What should happen:
url=URLTEXT
page=page?test1=x&test2=xx
file=FILETEXT
what happens:
url=URLTEXT
page=page?test1=x
test2=xx
file=FILETEXT
How could I substitute characters or somehow make these arguments pass correctly in php?
Thanks for any help you can give.
Well, I'm not sure how your "messed up" URL looks like. However the string after the "?" is called Query String, and you can decode/encode it with
urlencode($normalString); //will be encoded for use in URL
urldeocde($queryString); //will be decoded for "normal" use
EDIT:
Here is some short example:
echo "Encode for use in URL: ";
echo urlencode("this is a string & üäöllasdlk<bbb2");
echo "<br />";
echo "Decode to use it in your script: ";
echo urldecode($_SERVER['QUERY_STRING']);
Output:
Encode for use in URL:
this+is+a+string+%26+%C3%BC%C3%A4%C3%B6llasdlk%3Cbbb2
Decode to use it in your script: test=12
(Assuming you have a Querystring containing the variable test=12)
Just use htmlspecialchars function on your URL string:
http://php.net/manual/en/function.htmlspecialchars.php

PHP URL decode GET

I have been using URL decode on encoded URL variables from $_get.
The current problem I am facing is I have a URL encoded like this:
blah.php?url=http%3A%2F%2Fm.youtube.com%2F#/watch?feature=player_embedded&v=zd7c5tQCs1I&desktop_uri=%2Fwatch%3Fv%3Dzd7c5tQCs1I%26feature%3Dplayer_embedded
I'm not sure what kind of encoding this is, can someone help me? When I use just "urldecode" on this it just returns m.youtube.com
Edit: My problem is not that url decode isn't working, it works if I manually enter this encoded URL and use urldecode(), but when this encoded url is in the actual pages url and I use the _GET function then I try to decode it it stripes off everything after the "#" in the URL.
<?php print urldecode($_GET["url"]);?>
It returns
"http://m.youtube.com/"
instead of
"http://m.youtube.com/#/watch?feature=player_embedded&v=zd7c5tQCs1I&desktop_uri=/watch?v=zd7c5tQCs1I&feature=player_embedded"
I think the issue is that the pound sign is not encoded, if I refresh the page it strips away the pound sing and everything after it, so how do I get around this? Can I still retrieve the info from "GET" even though there is a pound sign? (#)
The problem is that the full link has multiple = signs, and browser cant determine, that the other = signs refer just to the url= parameter.
in your case, at first, you need to use function before link is given to url= parameter:
========================= 1) JAVASCRIPT ======================
<script type="text/javascript">
var mylink = encodeURIComponent('http://testest.com/link.php?name=sta&car=saab');
document.write("http://yoursite.com/url=" + mylink);
</script>
========================= 2)or PHP ===========================
<?php
$mylink = 'http://testest.com/link.php?name=sta&car=saab';
echo 'http://yoursite.com/url='.urlencode($mylink);
?>
so, your output (url parameter) will get like this
http://yoursite.com/url=http%3A%2F%2Ftest.com%2Flink.php%3Fname%3Dsta%
so, the url parameter will get the encoded url.
after that, your .php file needs to decode that "url" parameter-
<?php
$varr = $_GET['url'];
$varr = preg_replace("/%u([0-9a-f]{3,4})/i","&#x\\1;",urldecode($varr));
$varr = html_entity_decode($varr,null,'UTF-8');
echo $varr;
?>
that will give you the correct value
I read on php.net about urldecode function and they say that superglobal $_get is already decoded, ex: "The superglobals $_GET and $_REQUEST are already decoded. Using urldecode() on an element in $_GET or $_REQUEST could have unexpected and dangerous results."
It is encoded into ASCII format .
see http://www.w3schools.com/tags/ref_urlencode.asp
So here is the problem, the pound sign (#) (Hash) wasn't encoded... since I can't go back and re-encode it I have to use javascript (ex. alert(window.location.hash);) to send me the full URL after the hash then I append it to PHP's version of the URL, I THEN use a find and replace function in PHP to replace the "#" with "%23", then I use the urldecode method and it returns the full proper url decoded.
This encoding is called percent encoding or URL encoding. You can use urldecode for decoding it. (Example: http://phpfiddle.org/lite/code/0nj-198 )

How to encode, send in a query, and retrieve a url

I am trying to pass a url for creating an iframe as a parameter of a query string. Because the url that I am passing contains an ampersand, I encode the url with 'urlencode' then append it to the query string.
<?php
$url = "http://www.somesite.com/index.php?option=content&view=article&id=1234:some+article";
$url_encoded = urlencode($url);
?>
On the page where I want to create the iframe, I retrieve the url parameter using the $_GET variable.
<?php
$iframe_source = $_GET[$url];
?>
<iframe id="external-link-frame" src="<?php echo $iframe_source ?>"></iframe>
However $_GET only retrieves the part of the parameter value up to the encoded ampersand.
<?php echo $_GET[$url]; //outputs http://www.somesite.com/index.php?option=content ?>
What must I do in order to send the entire url including the parameters that are part of its own query string.
UPDATE: I am able to do it by encoding the url twice
urlencode(urlencode($url));
Take a look at: https://stackoverflow.com/a/2433211/1359529
I think rawurlencode() will encode the ampersands too.
http://us3.php.net/manual/en/function.rawurlencode.php
I believe, how you append it, the $_GET function thinks that the ampersand signs are signifying new values to get. I bet if you did after that $iframe_view = $_GET[$view] it will output article.
If you want it to get the full URL, I think it's best to encode by replacing & signs with something else and then once you get the url, then replace them back to & signs.

Categories