I have this invalid link hard coded in software which I cannot modify.
http://www.16start.com/results.php?cof=GALT:#FFFFFF;GL:1;DIV:#FFFFFF;FORID:1&q=search
I would like to use php header location to redirect it to a valid URL which does not contain the querystring. I'd like to pass just the parameter q=.
I've tried
$q = $_GET['q'];
header ("Location: http://www.newURL.com/results.php?" . $q . "");
But it's just passing the invalid querystring to the new location in addition to modifying it in a strange way
This is the destination location I get, which is also invalid
http://www.newURL.com/results.php?#FFFFFF;GL:1;DIV:#FFFFFF;FORID:1&q=search
That's because # is seen as the start of a fragment identifier and confuses the parser.
You can take the easy-way as Stretch suggested but you should be aware that q is the last query parameter in your URL. Therefore, it might be better to fix the URL and extract the query parameters in a safer way:
<?php
$url = "http://www.16start.com/results.php?cof=GALT:#FFFFFF;GL:1;DIV:#FFFFFF;FORID:1&q=search";
// Replace # with its HTML entity:
$url = str_replace('#', "%23", $url);
// Extract the query part from the URL
$query = parse_url($url, PHP_URL_QUERY);
// From here on you could prepend the new url
$newUrl = "http://www.newURL.com/results.php?" . $query;
var_dump($newUrl);
// Or you can even go further and convert the query part into an array
parse_str($query, $params);
var_dump($params);
?>
Output
string 'http://www.newURL.com/results.php?cof=GALT:%23FFFFFF;GL:1;DIV:%23FFFFFF;FORID:1&q=search' (length=88)
array
'cof' => string 'GALT:#FFFFFF;GL:1;DIV:#FFFFFF;FORID:1' (length=37)
'q' => string 'search' (length=6)
Update
After your comments, it seems that the URL is not available as a string in your script and you want to get it from the browser.
The bad news is that PHP will not receive the fragment part (everything after the #), because it is not sent to the server. You can verify this if you check the network tab in the Development tools of your browser F12.
In this case, you'll have to host a page at http://www.16start.com/results.php that contains some client-side JavaScript for parsing the fragment and redirecting the user.
one way could be to use strstr() to get everything after (and including q=) in the string.
So:
$q=strstr($_GET['q'],'q=');
Give that a whirl
Related
Ive been using URL-parameters to make a landingpage behind a searchform more personal. I felt relatively bulletproof validating stuff like this
$string = $_GET['city']
$res = preg_replace("/[^a-zA-Z0-9]/", "", $string);
until I tried something like ?city=# as a value and my whole page crashed and im not so sure anymore.
What is the way to go to validate without writing a whole engine or at least stop my page crashing from #?
Thanks
PHP has a lot of functionalities which help you avoid problems like this.
Whenever you create URL to be displayed in the browser it has to be urlencoded. If you are just appending the query string part to a fixed url you can build that string with http_build_query. For example:
$querystring = [
'param1' = 123,
'param2' = 'hello with a #'
];
$QS_encoded = http_build_query($querystring);
echo 'My link';
# in URL denotes another part of URL which is the hash part. This is not going to be a part of your $_GET superglobal.
If for any reason you would like to type out the URL with a query string containing # manually by hand, then you need to use the encoded version %23. e.g. http://php.net/manual-lookup.php?pattern=%23
On a side note. You shouldn't use regex for filtering data like this. PHP once again has already an extension for this: filters.
Using window.location.hash (used to pass in ID for page) returns something like the following:
Also, for people asking why I used window.location.hash instead of window.location.href is because window.location.href started looping infinitely for some reason, and .hash does not. I don't think this should be a big deal, but let me know if it is and if I need to change it.
http://website.com/NewPage.php#?name=1418019307305
[The string of numbers is actually epoch system time]
When using PHP to try to retrieve this variable It is not picking up any text in the file It's supposed to write to.
<?php
$myfile = fopen("File1.txt","w");
echo $_GET['name'];
fwrite($myfile, $_GET['name']);
fclose($myfile);
?>
Try to print $_SERVER variable and it will give you the array and in the desired key you can get the values. It can help you to find that variable in the string.
If you want to get the value after the hash mark or anchor, that isn't possible with "standard" HTTP as this value is never sent to the server. However, you could parse a URL into bits, including the fragment part, using parse_url().
This should do the trick:
<?php
$name_query = parse_url("http://website.com/NewPage.php#?name=1418019307305");
$get_name = substr($name_query['query'], strpos($name_query['query'], "=") + 1);
echo $get_name;
?>
Working example: http://codepad.org/8sHYUuCS
Then you can use $get_name to store "name" value in a text file.
The hash tag is a fragment that never gets processed by the server, but rather the user-agent, i.e. the browser, so JavaScript may certainly access it. (See https://www.rfc-editor.org/rfc/rfc3986#section-3.5). PHP does allow you to manipulate a url that contains a hash tag with parse_url(). Here's another way to get the info:
<?php
$parts = parse_url("http://website.com/NewPage.php#?name=1418019307305");
list(,$value) = explode("=",$parts['fragment']);
echo $value; // 1418019307305
The placement of the hash tag in this case wipes out the query string so $_SERVER['QUERY_STRING'] will display an empty string. If one were to rewrite the url following best practice, the query string would precede the hash tag and any info following that mark. In which case the script for parsing such a url could be a variation of the preceding, as follows:
<?php
$bestPracticeURL = "http://website.com/NewPage.php?name=1418019307305#more_data";
$parts = parse_url( $bestPracticeURL );
list(,$value) = explode("=", $parts['query']);
$hashData = $parts['fragment'];
echo "Value: $value, plus extra: $hashData";
// Value: 1418019307305, plus extra: more_data
Note how in this case parse_url was able to capture the query string as well as the hash tag data. Of course, if the query string had more than one key and value, then you might need to explode on the '&' into an array and then explode each array element to extract the value.
So im trying to get an url from the address bar that looks like this:
http://mysite.com/url.php?name=http://test.com/format.jsp?id=738ths3&secure=false
I'm using the $_GET variable to read it right off the URL my code is as follows
$arc = rawurlencode($_GET['name']);
echo "URL: $arc";
This only returns
URL: http://imgur.com/format.jsp?id=738ths3
It 's missing the &secure=false
What i want it to look:
URL: http://test.com/format.jsp?id=738ths3&secure=false
I have tried urlencode, rawurlencode with no avail, i have looked in google a number of forums and stackoverflow none of the answer help, any ideas? Thanks!
urlencode shows this:
URL: http%3A%2F%2Ftest.com
so i cant have that either!
You'll need to urlencode() before constructing the URL, ie:
$url = "http://mysite.com/url.php?name=".urlencode('http://test.com/format.jsp?id=738ths3&secure=false');
This way, you will be able obtain the full URL as a name GET parameter from $_GET['name'].
Explanation:
Without urlencode() it when constructing the URL, PHP would treat is as 2 separate parameters, separated by &:
$_GET['name']
which is http://imgur.com/format.jsp?id=738ths3 for your case
$_GET['secure']
which is false for your case
Alternatively:
From your comment, it seems that you do not have control for the URL construction. You can get the full $_GET in a single string using http_build_query:
$name = http_build_query($_GET);
You would then obtain:
echo $name; // name=http://test.com/format.jsp?id=738ths3&secure=false
// which you would then may want to strip away the first 'name='
$name = substr($name, strlen('name='));
echo $name; // to obtain http://test.com/format.jsp?id=738ths3&secure=false
The original URL, http://mysite.com/url.php?name=http://test.com/format.jsp?id=738ths3&secure=false, contains two query-string parameters: name and secure. The & in the query-string belongs to the full URL, not the URL in the name parameter.
If you have control over this value, when declaring the link/URL, use PHP's urlencode() to encode the full name value, such as:
$url = "http://mysite.com/url.php?name=" . urlencode("=http://test.com/format.jsp?id=738ths3&secure=false");
This will properly encode the name parameter and your $arc = $_GET['name']; will work as desired.
If you do not have control over setting the value and are simply parsing something you're receiving, you can split the given string on the name= parameter and assume everything else after it is part of name:
$splitQuery = split('name=', $_SERVER['REQUEST_URI']);
$arc = $splitQuery[1];
To decode the encoded URL, after you've accessed it, use PHP's urldecode():
$arc = urldecode($_GET['name']); // assuming you're properly encoding the `name` parameter
If you cannot encode the URL, you can get the current URI with this code:
$url = $_SERVER["REQUEST_URI"];
that in your case, the $url is :
/url.php?name=http://test.com/format.jsp?id=738ths3&secure=false
Then you can split it with explode and validate it and take the GET params from it.
I think I have the need to take a uri which has been decoded in PHP, and re-encode it.
Here is the situation:
JavaScript passes encoded uri as query string parameter to php script.
PHP script embeds uri as a hidden input value in an html document, responds with the document to a user agent.
JavaScript reads embedded uri and sets location of current document based on value of hidden input.
On Step 2, I am finding that the Uri is fully decoded after reading it in via $_GET. So when I embed the uri in the hidden input, it becomes un-encoded. So I would like to run a PHP script which re-encodes the Uri properly ex:
http://my.example.com/dog walk?is=very great
==>
http://my.example.com/dog%20walk?is=very%20great
Is there a pre-built php function for this or should I just write my own?
PLEASE NOTE: urlencode and urldecode are not the answer to get the desired input/output I have in the example above.
Thanks,
Macy
Are you looking for : http://fr.php.net/manual/en/function.urlencode.php ?
I don't know if will help you, but PHP have 3 useful functions:
$url = parse_url('put the url here');
parse_str( $url['query'], $query ); // generating an array by reference (yes, kinda weird)
echo $query; //in this line, you can encode or decode.
or, if you want to mount a query, you can use http_build_query(); that accepts values from an array, like:
$url = 'http://my.example.com/dog walk?';
$array = Array (
'is' => 'very_great',
);
$url_created = $url . http_build_query($array);
urldecode:
http://www.php.net/manual/en/function.urldecode.php
I'm sending a php script multiple urls (about 15) at once, all containing about 5 url variables. In my script, I'm parsing the chunk of urls into individual ones by splitting them with two backslashes (which i add upon before to the script), and then curling each individual url. However, when I run my script, it only accepts a url up to the "&" symbol. I'd like to have the entire chunk, so that I can split it up later in my script. What might be the best way to approach this issue?
Thanks.
An example of what happens when i send my script a url chunk:
<?php
/*
$url variable being sent to script:
http://www.test1.com?q1=a&q2=b&q3=c&q4=d\\http://www.test2.com?r1=a&r2=b&r3=c&r4=d\\http://www.test3.com?q1=a&q2=b&q3=c&q4=d\\http://www.test4.com?e1=a&e2=b&e3=c&e4=d
*/
$url = $_GET['url'];
echo $url; // returns http://www.test1.com?q1=a
//later on in my script, i just need to curl each "\\" seperated url
?>
You need to urlencode() the (data) URLs before appending them to your script's request.
Otherwise, PHP is going to to see ?listOfUrls=http://someurl.com/?someVar=SomeVal& and stop right there, due to the literal "&"
If you're building the query string in PHP you could try something like:
<?PHP
//imagine $urls is an array of urls
$qs = '?urls=';
foreach($urls as $u){
$q .= urlencode($u) .'\\';
}
I also suspect you can play with [] notation in the url so that on the other side of the GET, you get a nice clean array of URLs back, instead of having to parse on some delimiter like "\"
Since you didn't url encode your url param, everything after the first & is treated as the param to the original url.
The $_GET array is formed by splitting on ampersands. URL-encode the URLs before passing them as parameters. PHP should decode them for you.
Example: pass url=http://www.test1.com?q1=a%26q2=b%26q3=c%26q4=d\\http://www.test2.com?r1=a%26r2=b%26r3=c%26r4=d\\http://www.test3.com?q1=a%26q2=b%26q3=c%26q4=d\\http://www.test4.com?e1=a%26e2=b%26e3=c%26e4=d
You can do away with the '\\' by turning the parameter into an array. Example: use url[]=http://www.test1.com?q1=a%26q2=b%26q3=c%26q4=d&url[]=http://www.test2.com?r1=a%26r2=b%26r3=c%26r4=d&url[]=http://www.test3.com?q1=a%26q2=b%26q3=c%26q4=d&url[]=http://www.test4.com?e1=a%26e2=b%26e3=c%26e4=d