I am POSTing a form input with value:
http://www.domain.com/script.php?var1=1120&var2=254949&url=http%3A%2F%2Fwww.domain2.com%2Ffile%2Bname%3Fvar1%3Dvalue1
on the server (PHP) I get this value:
http://www.domain.com/script.php?var1=1120&var2=254949&url=http://www.domain2.com/file+name?var1=value1
is there anyway to receive the original un-decoded value?
You need to encode only part of your string. In order to achieve that, use function explode to make array of two elements, encode the second one and put them again together. Something like could be helpful.
$str ='http://www.domain.com/script.php?var1=1120&var2=254949&url=http://www.domain2.com/file+name?var1=value1';
$url = explode('url=',$str);
$str2 = $url[0].'url='.urlencode($url[1]);
echo($str2);
Related
Look I have a form like this:
<form method="post">
<input name="variable[var1][var2]" value="44"/>
</form>
I want to get the value of variable[var1][var2] in PHP using a string like:
$str = "['variable']['var1']['var2']";
echo "{$_POST{$str}}";
Why I need to do that?
I need it because the code that gets the value is totally dynamic and I cannot get or set manually the value using $_POST['variable']['var1']['var2'].
Can you help?
NOTE: I know this is possible to get it using $_POST['variable']['var1']['var2'], please don't ask me about why I'm not using this way. Simply I need to use as above (using $str).
You can use preg_match_all() to get all the indexes in the string into an array:
$indexes = preg_match_all('/(?<=\[\')(?:[^\']*)(?=\'\])/', $str);
$indexes = $indexes[0]; // Get just the whole matches
Then use a loop to drill into $_POST.
$cur = $_POST;
foreach ($indexes as $index) {
$cur = $cur[$index];
}
At this point $cur will contain the value you want.
You're WAY overthinking it. Anything you put in [] array notation in a form field's name will just become an array key. The following is LITERALLY all you need:
<input name="foo[bar][baz][qux]" ... />
$val = $_POST['foo']['bar']['baz']['qux'];
You cannot use a string as an "address" into the array, not without insanely ugly hacks like eval, or parsing the string and doing a loop to dig into the array.
It's hard to believe that this is a requirement. If you could expand more on what you're trying to achieve, someone undoubtedly has a better solution. However, I will ignore the eval = evil haters.
To echo:
eval("echo \$_POST$str;");
To assign to a variable:
eval("\$result = \$_POST$str;");
If you're open to another syntax then check How to write getter/setter to access multi-level array by key names?
I am working on a PayPal payment system, I wanna send 2 values in the custom field. Therefor I used the urlencode(json_encode()) functionality. An example of how it looks without urlencoding.
$customData = array();
$customData['invoiceID'] = $invoiceID;
$customData['username'] = urlencode($_GET['username']);
$p->add_field('custom', urlencode(json_encode($customData)));
Output is:
%7B%22invoiceID%22%3A108674%2C%22username%22%3A%22Just%2Btesting%22%7D
Desired output when urldecoding and jsondecoding:
{"invoiceID":108674,"username":"Just testing"}
But it's giving me this after urldecoding and jsondecoding:
{"invoiceID":108674,"username":"Just+testing"}
The workaround for this issue is to urldecode the username itself as well once again. But why do I have to double urldecode just to get the value that I urlencoded with just one time running this function?
Seems like you are applying two times urlencode() to data so you need to apply two times urldecode() or remove one of them.
I think the "custom" field is used to identify your request on the other end, correct? So, that field is for your use and not for paypal. I think it's a good idea to encode it. But, if you want it to survive paypals back end you might want to use base64encode and base64decode.
I'm setting an array to a hidden field using JavaScript. However, the issue is that the array gets converted to a string on form submit when I catch it using PHP.
This is the code that sets the hidden input field value:
document.getElementById("hiddenFieldId").value = arrayFromJS;
Is there any workaround for this?
Actually the problem is earlier I had a select box which sent it's values nicely on form submit. But now I've got a custom select box using JS which sets comma separated values in a hidden field... So in a nutshell I want that input field to act like a pseudo-select box
You should JSON encode/decode the value:
On the client side you use JSON.stringify to encode the array:
document.getElementById("hiddenFieldId").value = JSON.stringify(arrayFromJS);
And then on the server side you can use json_decode:
$arr = json_decode($_POST['hiddenFieldId']); // Fetch the data from POST / GET
foreach ( $arr as $value ) {
// iterate the array on the server side.
}
unset($arr); // Remember to unset the $arr variable
If you know you are handeling a simple array (with string only) you can join the string in javascript and explode/split it php:
document.getElementById("hiddenFieldId").value = arrayFromJS.join('/:/');
PHP:
$arr = explode('/:/', $_POST['hiddenFieldId']);
To support older browser you can use this JSON plugin to the front end: https://github.com/douglascrockford/JSON-js
Is there no way of submitting a serialized parameter without ajax?
I want to access, like, an json encoded parameter when I process the POST from the form, something like: $params = json_decode($_GET['params']);
Any ideas, besides iterating each input and append it to a hidden one that will contain all parameters in an encoded form, ?
Update
I'm using codeigniter, so I would rather do something like
$search = json_decode($this->input->get('params'));
updateName($search['name']);
updateGender($search['gender']);
Than
updateName($this->input->get('name'));
updateGender($this->input->get('gender'));
Not sure if I am missing something here but you can only do a json_decode() on a json object/array.
$this->input->get() will return the whole $_GET array AS A PHP ARRAY, so you dont need to do anything JSON'ick with it to be able to use it as an array.
so would this not do what you want?
$search = $this->input->get();
updateName($search['name']);
updateGender($search['gender']);
If you want to pass it through the XSS filter first just use
$search = $this->input->get(NULL, TRUE);
Basically, I have working solution for this, but I'm wondering if it could (should?) be done better in some other way.
I have table I'm creating in PHP with values from MYSQL. Each item in table has multiple values. In each line there is single link and clicking on this link fires up jQuery function. In each link there is also VALUE attribute with values from multiple MYSQL fields and joined with &&:
PHP code is:
foreach ($this->_data as $l)
{
?>
...
<td>Link</td>
...
<?php
}
And jQuery function to fire up when clickin' on link is:
$(".clickMe").click(function() {
myData = $(this).attr('value').split('&&');
});
Script splits string in VALUE attribute on && and creates an array myData with values:
myData[0] => value passed from $l->_data1 in PHP
myData[1] => value passed from $l->_data2 in PHP
Is this the right way to do it?
It's fine, as long as you'll never have && in your data. You could use json_encode() in PHP and then decode this into an array in JavaScript. That would be a more standard solution.
I would recommend against using && which looks like a boolean AND. Instead I would probably use something like a pipe to separate them val1|val2.
I think you're better off passing the whole joined string in to PHP and splitting it out there. It saves you work on both ends having to put the two resultant values into the proper post or get variables to send to PHP.
Then on the PHP side, it's a little easier to validate the one value's format before splitting it, as you can use a single regex like:
// Validate both values at once: 1 or more digits, a pipe, and one or more digits
if (preg_match('/^(\d+)\|(\d+)$/', $_POST['jqueryinput'])) {
// explode() and use in PHP...
list($val1, $val2) = explode("|", $_POST['jqueryinput']);
}