Can I pass URL as string to setrawcookie() in PHP ?
For example:
setrawcookie('Cookie', 'Owner=me&Website=http://my.website.com')
I am asking, because for some reason my cookie in the browser looks like:
Owner=Me&Website=
I assume the issue is tied with the character set.
Encode the cookie value, and decode when retrieving it back.
http://php.net/manual/en/function.htmlentities.php
Change:
setrawcookie('Cookie', 'Owner=me&Website=http://my.website.com')
To:
setrawcookie('Cookie', "Owner=me&Website=http://my.website.com")
Related
I am using curl to call an API POST and pass 15 post fields, one being an actual wbsite URL. For example
https://www.test.com?URL=https://www.myurl.com;&Name=John
Using urlencode converts the characters in the URL post field and the API receiving the POST call does not recognize it as an actual URL. Is there any way to keep the URL string as is when positing?
If you are using GET query arguments, you need to urlencode the value, then decode it on the backend:
https://www.test.com?URL=https%3A%2F%2Fwww.myurl.com
And then:
urldecode($_GET['url'])
For POST, the same is true for application/x-www-form-urlencoded, but doesn't matter for application/json.
Also, just a heads up, you have an extra ; in your URL, which would make it invalid if you included it.
Edit:
I will additionally add, that in general, it's good practice to always urldecode values received from query arugments/form data. The general thought here being that, while you may not want urlencoded data, that's the way the web is built - You should build your code in a way that it's up to the client. This is considered an important step in data sanitation, and should always happen before validation.
You can use php builtin method to decode the url encoded data.
$actualUrl = urldecode ($_GET ['url']);
I have a string defined like:
DEFINE('IMAGES_DIR',"/portal/images/");
After I place it inside of a cookie its content becomes
%2Fportal%2Fimages%2F
I need the string to return like:
/portal/images/
I'm kinda combining two answers mentioned here.
1st
what you described is the default behaviour, PHP will automatically decode it to its original value, you don't need to do urldecode($_COOKIE['name']);
2nd
You can prevent automatic url encoding by using setrawcookie()
Docs
Note that the value portion of the cookie will automatically be urlencoded when you send the cookie, and when it is received, it is automatically decoded and assigned to a variable by the same name as the cookie name. If you don't want this, you can use setrawcookie() instead if you are using PHP 5.
Use urldecode when getting cookie value:
echo urldecode('%2Fportal%2Fimages%2F');
or
//for cookie
echo urldecode($_COOKIE['IMAGES_DIR']);
//for your example above with the contant
echo urldecode(IMAGES_DIR);
I asked how can I add "&" in value of one of the params
for example
www.example.com/index.php?param1=m&c¶m2=value2
It this possible ?
I need to get it by the query_str() as
param1=m&c
param2=value2
It this possible ?
Sure, but you need to url encode it:
www.example.com/index.php?param1=m%26c¶m2=value2
In PHP this could be done with the urlencode function.
As far as decoding the value is concerned, you don't need to do anything special, just read it as you are usually reading GET query string parameters:
$_GET["param1"]
Just encode the & to %26 with PHP urlencode and then use urldecode when retreiving the values
I have done urlencode of the variable before passing to the URL
http://example.com/Restaurants?alias=F%26B
But when I try to print like in the page
$alias = rawurldecode($_GET['alias']);
echo $alias;
it prints only F. How to solve this?
I doubt that $_GET['alias'] exists when requesting a URL with the query aliasF%26B. It’s rather $_GET['aliasF&B'] that’s getting populated.
In this case you need to use $_SERVER['QUERY_STRING'] to get the full query.
It looks like you are not using the query string "correctly." It should be in key=value pairs. I would look at using $_SERVER['QUERY_STRING'] to get your information instead.
You don't need to urlencode the pair. You only need to urlencode name and a value as such:
Wrong:
urlencode('aliasF=B')
Correct:
urlencode('aliasF') . '=' . urlencode('B')
AFAIK $_GET are already decoded.
See php.net
The superglobals $_GET and $_REQUEST
are already decoded. Using urldecode()
on an element in $_GET or $_REQUEST
could have unexpected and dangerous
results.
It is possible to solve this problem by using a different encoding system specific for your situation:
function encode($string)
{
$result = str_replace("|","||",$string);
return str_replace("&","|20",$result);
}
function decode($string)
{
$result = str_replace("|20","&",$string);
return str_replace("||","|",$result);
}
This will basically create a separate escaping system using the '|' character. That character can be anything you normally don't use and isn't an field separator.
Here, Apache won't transform the URL to something different, thus voiding the conversion. Also browsers won't transform it.
Mind that you would decode($_GET['alias']) and encode() the url that the user is pressing or the script is following.
so is there any way to do it. i want to put a string as the cookie name instead of a definite cookie name?
The cookie name is always a string. Do you mean if you can substitute it with a variable? Yes, as with any other string.
setcookie($someString, ...);
$_COOKIE[$someString];