How to bypass Disallowed Key Characters in CodeIgniter - php

I have a problem finding a solution to Disallowed Key Characters in CodeIgniter. My problem is that I want the £ sign to be passed through my URL.
For example,
I have this product testing-product-nutella.
I want to add a £ sign beside it, something like testing-product-nutella£.
Here is my code below:
//---------------------------------------------------------------------------------//
//--------------------------> Build the product list data--------------------------//
//---------------------------------------------------------------------------------//
$prod_list = Array();
foreach($prods_query as $prod)
{
    //echo htmlentities($prod['prod_name']);
    //print_r($prod);
    //$prod_name_url = Make_into_url($prod['prod_name']);
    $prod_name_url = htmlentities($prod['prod_name']);
    print_r($prod_name_url);
    // get the minimum order quantity and price from db
    if ($min_price = $this->Price_model->Get_listing_price($prod['prod_id']))
    {
        $min_order_qty = $min_price['qty_value'];
        $min_order_price = $min_price['price_amount'] > 0 ? number_format($min_price['price_amount'], 2) : false;
    }
    else
    {
        // this shouldn't happen but just in case...
        $min_order_qty = "";
        $min_order_price = "";
    }
    // get the default image for the product from the database
    $default_pic_row = $this->Picture_model->Get_default_product_picture($prod['prod_id']);
    // get a list of all the special categories that a product is in
    $product_spec_cats = $this->Special_category_model->Get_product_special_cats($prod['prod_id']);
    // is the product on special offer, if so, get the details
    $product_spec_off = $this->Special_offer_model->Get_product_special_offer_details($prod['prod_id']);
    $nameUrl = urlencode($prod_name_url);
    echo "<pre>";
    echo $nameUrl;
    echo "</pre>";
    $prod_list[] = Array(
        "prod_id" => $prod['prod_id']
        ,"prod_name" => urldecode($nameUrl)
        ,"prod_min_price" => $min_order_price
        ,"prod_min_qty" => $min_order_qty
        ,"prod_desc" => $prod['prod_desc']
        ,"prod_code" => $prod['prod_code']
        ,"prod_pic_thumb" => $default_pic_row['pic_thumb']
        ,"product_colours_image" => ""
        ,"prod_spec_cats" => $product_spec_cats
        ,"prod_spec_off" => $product_spec_off
    );
}
When I tried to add a £ sign it says Disallowed Key Characters. I want the product to be displayed with its special characters when I add special characters and pass them in the URL.
I looked at the system/libraries/Input.php file and tried to change the code in the function _clean_input_keys a little bit, but it didn't work. Can someone help me figure this out? Any help is much appreciated.
TIA

You have to url encode the pound sign. Build your url string and then pass it to the php urlencode($url) function which will convert it into allowed characters: "%a3" for a "£"
To retrieve it use urldecode($url)

Related

Emoji name "family_mothers_one_boy" or "woman-woman-boy"?

I have a reference emojis file used by my php code. Inside there is for example "woman-woman-boy", but the browser (chrome) replaces this name by "family_mothers_one_boy"...
Why are there two versions of emojis' names?
Is there an error (or errors) in my file, or do I have to do something in my code to avoid the conversion?
NOTE:
The code related to this emoji is:
1F469;‍👩‍&#x1F466
Here are the two functions I'm using to manage the emojis:
1. When I display the emoji, I replace the tag :name: by the HTML rendering (using unicode)
function replaceEmojiNameByUnicode($inputText){
    $emoji_unicode = getTabEmojiUnicode();
    preg_match_all("/:([a-zA-Z0-9'_+-]+):/", $inputText, $emojis);
    foreach ($emojis[1] as $emojiname) {
        if (isset($emoji_unicode[$emojiname])) {
            $inputText = str_replace(":".$emojiname.":", "&#x".$emoji_unicode[$emojiname].";", $inputText);
        }
        else {
            $inputText = str_replace(":".$emojiname.":", "(:".$emojiname.":)", $inputText);
        }
    }
    return $inputText;
}
2. When I want to propose the list of emoji, I display an HTML SELECT in the page. The following function returns the list of options to add inside:
/* Display the options in the HTML select */
function displayEmojisOptions(){
    $emoji_unicode = getTabEmojiUnicode();
    foreach ($emoji_unicode as $name => $unicode) {
        echo '<option value="&#x'.$unicode.';">'.$name.' => &#x'.$unicode.';</option>';
    }
}
In the array $emoji_unicode there is one entry (with 3 semicolons removed to not display the emoji here):
'family_one_girl' => '1F468;&#x200D&#x1F469&#x200D&#x1F467',
For example: in order to make it work, I have to replace the line 'thinking_face' => '1F914', by 'thinking' => '1F914',
My question is: why ??
Thank you
Nope, the emoji text was changed by no code... I guess it was due to a wrong emoji file I used... I corrected all the emoji manually and now I do not see the mismatch anymore...
If someone needs the corrected file, I can provide it.

Removal of capitals and spaces in opencart

I'm creating a module in Opencart and have used the standard 'model' to add an array into the database. Unfortunately when I retrieve via
$this->data['font'] = unserialize($this->config->get('selectfont'));
The information has removed the capital letters and spaces between the words. How can I add the capitals and spaces back into the variables? Sorry been racking my brains over this for days. Help much appreciated.
Davetoff
Ok so I've done some digging around in the back and basically the POST command puts the data into the database via serialize:
if (($this->request->server['REQUEST_METHOD'] == 'POST') && $this->validate()) {
    foreach ($this->request->post as $key => $value) {
        $this->request->post[$key] = serialize($value);
    }
}
So when I retrieve it via:
$this->data['font'] = unserialize($this->config->get('selectfont'));
it should work but doesn't. I've attached a line of the sort of data field I have in the data base:
a:6:{i:0;s:11:"segoescript";i:1;s:5:"serif";i:2;s...etc etc
This should unserialize...right?
Help please.
UPDATE tbl_url_alias SET keyword = LOWER(keyword);
UPDATE tbl_url_alias SET keyword = REPLACE(keyword, ' ', '-');
Run these queries in the database, on whichever table you need.

how to compare strings in using CDBCRITERIA in Yii?

I am using Yii framework, I want to do some search filtering, but I am getting wrong results in some cases as follow:
I have 2 check-boxes: Canada and united states. If I check Canada I get all the results related to Canada only, while if I check united states I get all the results in the db regardless of whether they are related to united states or not. This bug absolutely happens because the united states string has 2 parts, so it needs to be in quotations. Here is my code:
the view page:
echo '<div class="checkbox"><label>'.
CHtml::checkBox($m2->tag, false, array('value'=>"$m2->tag")).$m2->tag
.'</label></div>';
the controller:
$c = new CDbCriteria();
$c->order = "idJob DESC";
$model = Jobs::model()->findAll($c);
$model2 = Tags::model()->findAll();
$lcr = array(); // start as an array so that $lcr[] also works on PHP 7.1+
$tag = "";
foreach ($model2 as $m2) {
    if (isset($_POST[$m2->tag])) {
        $tag = $_POST[$m2->tag];
        if ($m2->category == 'Location')
            $lcr[] = $tag;
    }
}
if (!empty($lcr))
    $c->addInCondition('location', $lcr, 'AND');
$model = Jobs::model()->findAll($c);
OK, it sounds like I found a solution for this problem and it's working correctly. Here is the solution:
in the controller:
foreach($model2 as $m2){
    if (strpos($m2->tag, ' ') !== FALSE)
        $m2->tag = str_replace(" ","_",$m2->tag);
    if(isset($_POST["$m2->tag"])){
        ....
So, as you see in the code, if the tag contains any white space it will be replaced by _ , and in the HTML the id attribute will replace the white space by _ automatically, so they are matched now.
Please try the following in your code; it will work for you:
$criteria->addSearchCondition('location', 'YOUR SEARCH STRING', false);

PHP preg_replace field before bringing through from MySQL Database

I have a column within my MySQL database which stores a product description that includes non-alphanumeric characters. I'm trying to run a PHP dump of various fields within the database using my Apache Server - and I would like to remove all of the non-alphanumeric characters from the product description before it is returned.
// load all stock
while ($line = mysql_fetch_assoc($result) ) {
?>
<?
$size = '3';
// check if size is available
if($line['quantity_size_'.$size.''] > 0 ) {
?>
<?=$line['product_id']?>,
<?=$line['code_size_'.$size.'']?>,
EAN,
<?=$line['title']?>,
<?=$_GET['brand']?>,
<?=$_GET['brand']?>,
**<?=$line preg_replace('/[^\da-z]/i', '', ['amazon_desc']),**
<?=$size?>,
<?=$line['colour']?>,
....
I've emboldened the relevant line above - this seems to return a T_String error.
Can anybody help?
Thanks
A
<?=$line preg_replace('/[^\da-z]/i', '', ['amazon_desc']),
should be:
<?=preg_replace('/[^\da-z]/i', '', $line['amazon_desc']) ?>
This is basic function calling syntax; I don't know where you got the idea that you could put the array name before the function, and the index inside the arguments.

Can I add variable name within a string?

I am creating an OpenCart extension where the admin can change his email templates using the user interface in the admin panel.
I would like the user to have the option to add variables to his custom email templates. For example he could put in:
Hello $order['customer_firstname'], your order has been processed.
At this point $order would be undefined; the user is simply defining the message that is to be sent. This would be stored in the database and called when the email is to be sent.
The problem is, how do I get "$order['customer_firstname']" to become a literal string, and then be converted to a variable when necessary?
Thanks
Peter
If I understand your question correctly, you could do something like this:
The customer has a textarea or similar to input the template
Dear %NAME%, blah blah %SOMETHING%
Then you could have
$values = array('%SOMETHING%' => $order['something'], '%NAME%' => $order['name']);
$str = str_replace(array_keys($values), array_values($values), $str);
The user will be using around 40 variables. Is there a way I can set it to do that for each "%VARIABLE%"?
Yes, you can do so for each variable easily with the help of a callback function.
This allows you to process each match with a function of your choice, returning the desired replacement.
$processed = preg_replace_callback("/%(\S+)%/", function($matches) {
        $name = $matches[1]; // between the % signs
        $replacement = get_replacement_if_valid($name);
        return $replacement;
    },
    $text_to_replace_in
);
From here, you can do anything you like, dot notation, for example:
function get_replacement_if_valid($name) {
    // pad the result so a name without a dot does not raise an undefined-offset notice
    list($var, $key) = array_pad(explode(".", $name, 2), 2, null);
    if ($var === "order") {
        $order = init_order(); // symbolic
        if ($key !== null && array_key_exists($key, $order)) {
            return $order[$key];
        }
    }
    return "<invalid key: $name>";
}
This simplistic implementation allows you to process replacements such as %order.name%, substituting them with $order['name'].
You could define your own simple template engine:
function template($text, $context) {
    // find every %context.key% tag; group 1 is the context name, group 2 the key
    preg_match_all('~%([a-zA-Z0-9]+)\.([a-zA-Z0-9]+)%~', $text, $matches);
    for($i = 0; $i < count($matches[0]); $i++) {
        $subject = $matches[0][$i];
        $ctx = $matches[1][$i];
        $key = $matches[2][$i]; // the pattern has two groups, so the key is index 2
        $value = $context[$ctx][$key];
        $text = str_replace($subject, $value, $text);
    }
    return $text;
}
This allows you to transform a string like this:
$text = 'Hello %order.name%. You have %order.percent%% discount. Pay a total ammount of %payment.ammount% using %payment.type%.';
$templated = template($text, array(
'order' => array(
'name' => 'Alex',
'percent' => 20
),
'payment' => array(
'type' => 'VISA',
'ammount' => '$299.9'
)
));
echo $templated;
Into this:
Hello Alex. You have 20% discount. Pay a total ammount of $299.9 using VISA.
This allows you to have any number of variables defined.
If you want to keep the PHP-syntax, then a regex would be appropriate to filter them:
$text = preg_replace(
    # note: the /e modifier was deprecated in PHP 5.5 and removed in PHP 7.0
    "/ [$] (\w+) \[ '? (\w+) \'? \] /exi",
    "$$1['$2']", # basically a constrained eval
    $text
);
Note that it needs to be executed in the same scope as $order is defined. Else (and preferably) use preg_replace_callback instead for maximum flexibility.
You could also allow another syntax this way. For example {order[customer]} or %order.customer% is more common and possibly easier to use than the PHP syntax.
You can store it as Hello $order['customer_firstname'] and while accessing make sure you have double-quotes "" to convert the variable to its corresponding value.
echo "Hello {$order['customer_firstname']}";
Edit: As per the comments, a variation to Prash's answer,
str_replace('%CUSTOMERNAME%', $order['customer_name'], $str);
What you're looking for is:
eval("echo \"" . $input . "\";");
but please, PLEASE don't do that, because that lets the user run any code he wants.
A much better way would be a custom template-ish system, where you provide a list of available values for the user to drop in the code using something like %user_firstname%. Then, you can use str_replace and friends to swap those tags out with the actual values, but you can still scan for any sort of malicious code.
This is why Markdown and similar are popular; they give the user control over presentation of his content while still making it easy to scan for HTML/JS/PHP/SQL injection/anything else they might try to sneak in, because whitelisting is easier than blacklisting.
Perhaps you can have a template like this:
$tpl = "Hello {$order['customer_firstname']}, your order has been processed.";
If $order and that specific key are not null, you can use echo $tpl directly and show the content of the 'customer_firstname' key in the text. The key is the curly braces here.
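
The allowlisted placeholder approach recommended in the answers above, done in a single pass so that a substituted value is never scanned again for placeholders (unlike the str_replace loop in template()). This is an added example, not code from any of the answers; the function names, the allowlist and the sample order data are constructed for illustration.

```php
<?php
// Added example: allowlisted %group.key% placeholders, rendered in one pass.
// The placeholder names, allowlist and order data below are constructed.

// Placeholders in $template that are not on the allowlist (check at save time).
function unknown_placeholders(string $template, array $allowed): array
{
    preg_match_all('~%([a-z0-9_]+\.[a-z0-9_]+)%~', $template, $m);
    return array_values(array_diff(array_unique($m[1]), $allowed));
}

// Substitute allowlisted placeholders. preg_replace_callback() never rescans
// its own output, so a placeholder hidden inside a value is not expanded.
function render_template(string $template, array $context, array $allowed, bool $html): string
{
    $out = preg_replace_callback(
        '~%([a-z0-9_]+)\.([a-z0-9_]+)%~',
        function (array $m) use ($context, $allowed, $html): string {
            list($token, $group, $key) = $m;
            $value = $context[$group][$key] ?? null;
            if (!in_array("$group.$key", $allowed, true) || !is_scalar($value)) {
                return $token; // unknown or unusable: leave the text as typed
            }
            $value = (string) $value;
            return $html ? htmlspecialchars($value, ENT_QUOTES, 'UTF-8') : $value;
        },
        $template
    );
    if ($out === null) {
        throw new RuntimeException('template rendering failed');
    }
    return $out;
}

$allowed = ['order.customer_firstname', 'order.total'];
$context = ['order' => [
    'customer_firstname' => '%order.note% <b>Ann</b>', // constructed hostile input
    'total'              => '29.90',
    'note'               => 'internal only',           // not on the allowlist
]];
$template = 'Hello %order.customer_firstname%, total %order.total%. '
          . '%order.note% $order[total] {$order}';

print_r(unknown_placeholders($template, $allowed)); // reject these when saving
echo render_template($template, $context, $allowed, true), "\n";
```

Pass false as the last argument when the e-mail body is plain text, so values are not HTML-escaped.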
