From the below URL
http://nis.com/projects/cc_intranet/mauth/lib_test/?authenticate=7JaoTs9NM4xdTnZpQE+q73X4N0oqMvX+BSlLrsqDeUL6VwaXt/91ZYOviomSIt/DvPuEjKAvip5++++++++++UZuVQWJ53mQa83Dz5EX4sfbjI1iXQjHrdwa2Ecca1bLe6MHis9UuSs
When i use "$_GET['authenticate'];" and then print it,
i get the the following output where "+" doesn't display.
7JaoTs9NM4xdTnZpQE q73X4N0oqMvX
BSlLrsqDeUL6VwaXt/91ZYOviomSIt/DvPuEjKAvip5
UZuVQWJ53mQa83Dz5EX4sfbjI1iXQjHrdwa2Ecca1bLe6MHis9UuSs
Is there any way how to get the exact same result ?? (i.e) in my case the "+" symbol has not been passed to the $_GET['authenticate'] while printing it ???
+ is reserved character in GET queries to represent a space character. If you really need + character in your query you need to replace it with %2B:
authenticate=7JaoTs9NM4xdTnZpQE%2Bq73X4N0oqMvX%2BBSlLrsqDeUL6VwaXt/91ZYOviomSIt/DvPuEjKAvip5%2B%2B%2B%2B%2B%2B%2B%2B%2B%2BUZuVQWJ53mQa83Dz5EX4sfbjI1iXQjHrdwa2Ecca1bLe6MHis9UuSs
urlencode php function is a good way to create a proper URL with all reserved symbols escaped.
urldecode function is for decoding such URLs.
Related
I have a webapp created using C# and asp.net. I placed a parameter value in the querystring with a plus(+) sign. But the plus sign disappear.
How can I include the plus sign(+) in the query string without disappearing?
Please advise.
Thanks.
Edit: added code with UrlEncode
string str = Server.UrlEncode(Requery.QueryString["new"]);
+ sign has a semantic meaning in the query string. It is used to represent a space. Another character that has semantic importance in the query string is & which is used to separate the various var=value pairs in the query string.
Most server side scripts would decode the query parameters before using them, so that a + gets properly converted to a space. Now, if you want a literal + to be present in the query string, you need to specify %2B instead.
+ sign in the query string is URL-decoded to a space. %2B in the query string is URL-decoded to a + sign.
See the difference between
http://www.google.com/search?q=foo+bar
and
http://www.google.com/search?q=foo%2Bbar
In the above examples, Google's server script is URL-decoding the query parameters and then using them to do the search.
URL-encoding is nothing but % sign followed by the hex-code of the special character. For example, we know that the hex code of A is 0x41 (decimal: 65). Try this:
http://www.google.com/search?q=%41
Hope this makes URL-encoding clear.
So, if you want the + sign to be preserved when a JavaScript is fetching a URL with + signs in its query parameters and a server side script would process the query parameters after URL-decoding it, you should URL-encode the query parameters in the URL before using issuing the HTTP get request so that all + signs are converted to %2B's when the request reaches the server side script. Now when the server side script URL-decodes the query string, all %2B's gets converted back to + signs which is what you want.
See Encode URL in JavaScript? to learn how to URL-encode the parameters using JavaScript. Short answer from the discussion there:
var encodedURL = "http://example.com/foo.php?var=" + encodeURIComponent(param);
You should URLEncode your query string values to make sure any special characters are not lost.
Look at HTML URL Encoding Reference
You need to Encode the + sign - It's value should be %2B
I alter my previous statement so no one gets confused!
Create your url using the Server.UrlEncode.
e.g.
string myUrl = "http://myurl?param1=" + Server.UrlEncode("my+param+1");
For the solution, I have applied:
Step 1:Use Server.UrlEncode method for encoding the URL parameter.
Response.Redirect("YourURL?parameter=Server.UrlEncode(parameterValue.ToString().Trim()");
step 2: on another side, you get a string with a plus(+) sign.
var parameter = Request.QueryString["parameterValue"].ToString().Trim();
This is the result: %2beH8 --> +eH8
Other simple way is, Request.Url.ToString().Substring(Request.Url.ToString().IndexOf("=") + 1) assuming that my URL is, http://localhost/MyApp/Activate.aspx?ActivationCode=cHbtqH9P2dDZkx/mYUgFFo7nrNqSFgqdPisAzzu5/nwlEYDOHI+CQw==
before send you parameter, you need check if the parameter contains plus sign, if have you need replace to one flag, for example:
the parameter is: klasjdlkasd+djid3223
can you replace: klasjdlkasdFLAGdjid3223
and when you go convert, you need replace angain
klasjdlkasd+djid3223
Try this, it works for me:
Request.QueryString["new"].Trim();
The solution is to ALWAYS include .Replace(" ", "+") when you request querystring
string s = Request.QueryString["id"].Trim().Replace(" ", "+");
source: http://www.webmasterworld.com/forum47/3238.htm
Add this line in Decrypt Funcation:
strText = strText.Replace(" ", "+");
I am trying to send a GET message that contains strings with ampersands and can't figure how to escape the ampersand in the URL.
Example:
http://www.example.com?candy_name=M&M
result => candy_name = M
I also tried:
http://www.example.com?candy_name=M\&M
result => candy_name = M\\
I am using URLs manually, so I just need the correct characters.
I can't use any libraries. How can it be done?
They need to be percent-encoded:
> encodeURIComponent('&')
"%26"
So in your case, the URL would look like:
http://www.mysite.com?candy_name=M%26M
This does not only apply to the ampersand in URLs, but to all reserved characters. Some of which include:
# $ & + , / : ; = ? # [ ]
The idea is the same as encoding an &in an HTML document, but the context has changed to be within the URI, in addition to being within the HTML document. So, the percent-encoding prevents issues with parsing inside of both contexts.
The place where this comes in handy a lot is when you need to put a URL inside of another URL. For example, if you want to post a status on Twitter:
http://www.twitter.com/intent/tweet?status=What%27s%20up%2C%20StackOverflow%3F(http%3A%2F%2Fwww.stackoverflow.com)
There's lots of reserved characters in my Tweet, namely ?'():/, so I encoded the whole value of the status URL parameter. This also is helpful when using mailto: links that have a message body or subject, because you need to encode the body and subject parameters to keep line breaks, ampersands, etc. intact.
When a character from the reserved set (a "reserved character") has
special meaning (a "reserved purpose") in a certain context, and a URI
scheme says that it is necessary to use that character for some other
purpose, then the character must be percent-encoded. Percent-encoding
a reserved character involves converting the character to its
corresponding byte value in ASCII and then representing that value as
a pair of hexadecimal digits. The digits, preceded by a percent sign
("%") which is used as an escape character, are then used in the URI
in place of the reserved character. (For a non-ASCII character, it is
typically converted to its byte sequence in UTF-8, and then each byte
value is represented as above.) The reserved character "/", for
example, if used in the "path" component of a URI, has the special
meaning of being a delimiter between path segments. If, according to a
given URI scheme, "/" needs to be in a path segment, then the three
characters "%2F" or "%2f" must be used in the segment instead of a raw
"/".
http://en.wikipedia.org/wiki/Percent-encoding#Percent-encoding_reserved_characters
Try using http://www.example.org?candy_name=M%26M.
See also this reference and some more information on Wikipedia.
I would like to add a minor comment to Blender's solution.
You can do the following:
var link = 'http://example.com?candy_name=' + encodeURIComponent('M&M');
That outputs:
http://example.com?candy_name=M%26M
The great thing about this it does not only work for &, but for any especial character.
For instance:
var link = 'http://example.com?candy_name=' + encodeURIComponent('M&M?><')
Outputs:
"http://example.com?candy_name=M%26M%3F%3E%3C"
You can use the % character to 'escape' characters that aren't allowed in URLs. See RFC 1738.
A table of ASCII values is given on the Wikipedia page.
You can see & is 26 in hexadecimal - so you need M%26M.
This may help if someone want it in PHP
$variable ="candy_name=M&M";
$variable = str_replace("&", "%26", $variable);
If you can't use any libraries to encode the value,
http://www.urlencoder.org/ or http://www.urlencode-urldecode.com/ or ...
Just enter your value "M&M", not the full URL ;-)
You can rather pass your arguments using this encodeURIComponent function so you don't have to worry about passing any special characters.
data: "param1=getAccNos¶m2="+encodeURIComponent('Dolce & Gabbana') OR
var someValue = 'Dolce & Gabbana';
data : "param1=getAccNos¶m2="+encodeURIComponent(someValue)
https://developer.mozilla.org/en-US/docs/Web/JavaScript/Reference/Global_Objects/encodeURIComponent
For some reason when preg_replace sees ¬ in string and replaces it with ¬:
$url= "http://something?blah=2&you=3&rate=22¬hing=1";
echo preg_replace("/&rate=[0-9]*/", "", $url) . "<br/>";
But the output is as follows:
http://something?blah=2&you=3¬hing=1 // Current result
http://something?blah=2&you=3¬hing=1 // Expected result
Any ideas why this is happening and how to prevent it?
& has special meaning when used URIs. Your URI contains ¬, which is a valid HTML entity on its own. It's being converted to ¬, hence causing the trouble. Escape them properly as ¬ to avoid this problem. If your data is fetched from elsewhere, you can use htmlspecialchars() to do this automatically.
Use this & in place of this &
because your &no has special meaning
use this url :
http://something?blah=2&you=3&rate=22¬hing=1
and then do your replace accordingly
I have an application that posts content to a MySQL DB via PHP. The PHP uses $_GET to pull the content from the URL and then inserts it into the DB.
This works great, but I have discovered an issue. If the user enters certain characters (", &, and others), the $_GET method does not properly separate the content from the URL.
Let's say the user posts this content:
I love blue & green
In this situation, the & symbol cuts the string after the word blue.
Is there any way for me to edit my PHP file to ignore the & symbol and to actually treat it as part of the variable it is supposed to $_GET? Any help would be great!
You can URLencode data before sending it to the PHP. It's a better solution.
Specials chars must not be used in a query string if those chars are in data.
In Javascript, you can use the escape function : escape(&ee) will give %26ee
The correct method is to urlencode the "&" caracter by the client : pass "%26" instead of "&"
you can use $_SERVER['QUERY_STRING']
from http://php.net/manual/en/reserved.variables.server.php
You could send the request as a base64 encoded string:
$string = base64_encode("This is my long string with &ersands and 'quotes'");
print base64_decode($string);
Note that base64-encoded data takes about 33% more space than the original data.
From the manual:
http://php.net/manual/en/function.base64-encode.php
You also have urlencode
try to urlencode your string:
&
becomes
%26
it's a PHP function :
http://php.net/manual/fr/function.urlencode.php
What about, before creating Query string, encode it ?
$str = "I love blue & green ?=&˙Đ[]";
$str = urlencode($str);
echo $str;
Will return:
I%20love%20blue%20%26%20green%20%3F%3D%26%CB%99%C4%90%5B%5D
You have to URL encode the string before you pass it as a GET parameter. In this particular case you have to replace & symbol with %26.
This can be done for example using javascript right before you send the form.
I am trying to do a query string in html.
String that I want to pass is "Book Cover".
But I only managed to get Book.
How should I go about doing it?
Below is my code:
<a href=book.php?category=Book Cover>Book Cover</a>
You need to encode all your query string vars, For example with rawurlencode / rawurldecode
Book Cover
And in PHP:
$category = rawurldecode($_POST['category']);
In HTML the value stops at the space:
<a href=book.php?category=Book Cover>Book Cover</a>
^
If you want to include a space inside a value in HTML you need to add quotes:
Book Cover
^ ^
In HTML both single and double quotes are allowed.
Now the value itself has a problem, too:
book.php?category=Book Cover
`- URL stops here.
This is a relative HTTP URL and as for any HTTP URL the space character is a special value. It can normally not be part of the URL, therefore you need to encode it. This can be done as with any other special character in a HTTP URL with triplet encoding / percentage-encoding replacing the binary value of the character(s) with their hexadecimal number:
book.php?category=Book%20Cover
For the space you have, historically it is even a special-case, you can also encode it with the plus sign.
The later problem is often dealt with by the user agents, but the quotes in HTML are needed otherwise the value gets cut.
And it is generally good practice to place attribute values in HTML inside (double) quotes. So I suggest you to do that.
Why not convert to UTF-8 before encoding?
urlencode(utf8_encode($string));
Looks like you are missing double quotes
Book Cover