I'm wondering if it's possible to parse a string containing an URL as GET parameter using Mod-Rewrite through CakePHP. Do I have to pass this via $this->request->data (POST)?
Is it common to set Routes for such cases or would you either recommend splitting the URL into separate parameters?
A slash in $_GET? Woudn't that just be a query string containing such a slash?
See http://book.cakephp.org/2.0/en/controllers/request-response.html#accessing-querystring-parameters
By default those query strings are properly escaped, so all is well without any hacks on your end.
You can use rawurlencode() to esacpe special characters.
Related
I've made some regex to test for a YouTube embedded video:
/^(http:\/\/www\.youtube\.com\/embed\/)[^\/\s\\]+$/
It works for what I expect when I test it, but the problem though is that I need to pass that regex as a string to some function. Particularly I'm using htmlawed, where I pass a following string to a function:
func('iframe=-*,src(match="/^(http:\/\/www\.youtube\.com\/embed\/)[^\/\s\\]+$/")');
The problem is that the above regex sort of works, but it just ignores the slashes, and accepts anything in place of them.
That is why I suspect that there is a problem with escaping.
I would appreciate if you could advice some alternative ways of escaping these slashes and backslashes... there must be some way?
If you have a string, you will need to escape the backslashes (and quotes) for the string literal. Or, depending on how the function builds the regex from the string, you might not need to escape slashes at all (I don't think so here).
"iframe=-*,src(match=\"/^(http:\\/\\/www\\.youtube\\.com\\/embed\\/)[^\\/\\s\\\\]+$/\")"
In PHP, you can also use a different regex delimiter:
~^(http://www\.youtube\.com/embed/)[^/\s\\\\]+$~
My question is related to this one. except that my question is more sepcific as it is about whether a hyphen can be used in a query string parameter value.
I am parsing $_SERVER['QUERY_STRING'] with PHP. I would like to know whether it is syntactically correct to use hyphens in query string values such as in the following case, or whether hyphens must be escaped in the browser URL. What about underscores?
http://example.com/?q1=query-string-value-one&q2=query-string-value-two
According to this document hyphens should be OK in all standards-compliant browsers, but I wanted to double check.
Thanks.
You are talking about query string parameters which must be encoded using urlencode function:
This function is convenient when encoding a string to be used in a
query part of a URL, as a convenient way to pass variables to the next
page.
According to the documentation - does not require encoding.
Yes
Hyphens can be used for query string parameter names
I have to send a filepath via. a json string to my controller in codeigniter
I have already modifed codeigniters config to accept a json string as a paramater
example:
www.mysite.com/controller/function/{"foo":"bar","hello":"word"}
This works fine.
But now I want to pass in a file path like this
www.mysite.com/controller/function/{"path":"D:\my\path\to\file.txt","foo":"bar"}
When i urldecode the paramter sent to the function in the controller I get a nice string looking like this
{"path":"D:\my\path\to\file.txt","foo":"bar"}
When I try to json_decode this I get
NULL
Can anyone help me with this?
Since it's JSON, you have to consider that your directory separators are going to be treated as escapes by the JSON parser. JSON has NO idea that you're passing in a path. It's just going to see a bunch of unnecessary escapes. The JSON must be syntactically valid, which means:
{"path":"D:\\my\\path\\to\\file.txt","foo":"bar"}
Note the doubled-up backslashes. Also note that on Windows, PHP is smart enough to accept forward slashes as the path separators as well, and will auto-convert for your as necessary. d:/my/path/to/file.txt would work just as well.
I am using Restler and I have a function that receive a string. That string may contain a slash. Example: "/a/b/id"
http://test/test.json//a/b/id
Whenever I use a slash in the field it returns a 404
I am sure that the value will return something, but i really need to use slash in the string.
If I try to use the id by itself, no slash, it returns the correct value, but to do that I put the slashs hardcoded (not cool)
http://test/test.json/id
Any tips?
Is this a bug?
thanks
When you know that your parameter may contain slash, avoid using them as url parameter
make them as query string or body parameter instead
here is an example http://restler3.luracast.com/examples/_001_helloworld/say/hello?to=slash/slash
In my code, I create a link like this:
$link = 'http://www.mydomain.com/'.urlencode($str).'/1';
I use url-rewriting and the rule in my htaccess file looks like this:
rewriteRule ^(.+)/(.*)$ index.php?var1=$1&var2=$2 [NC,L]
This code is working fine for almost every strings. But sometimes, the string to encode contains "&". The urlencode function encodes it corectly, but when I read the $_GET array in php, it looks like this (with $str = 'substring1&substring2'):
'var1' => 'substring1' (without "&")
'substring2' => '' (without "&")
'var2' => 1
I really need the "&" in my var. Is there a way to encode that character to make it works?
Also, I really don't know why, but sometimes I get a forbidden http error with some strings passed as var1. Apparently, they have nothing special, for exemple, "Décarie Square" makes that error. Other strings with spaces and "é" are working fine.
Apache's mod_rewrite automatically decodes urlencoded strings when it does regex matching. But it only does this once, so you should be if you urlencode your string twice. This will re-escape all of those `%' characters.
try
$link = 'http://www.mydomain.com/'.urlencode(urlencode($str)).'/1';
or stop relying on rewrite rules and use a framework that handles URL routing properly.
Oh, and there should also be htmlentities() somewhere in there.
Apache will automatically translate (decode) the path. You must use a different encoding or even double encoding. Base 64 will work.
your $str isn't setup with key=val pairs
Try $str = 'var1=substr1&var2=substr2';
Two options:
Urlencode the string before urlencoding the query.
Replace all non alphanumerical chars with a dash or underscore
As for the forbidden error are you using http auth basic or digest?
Update may mistake try using htmlentities or htmlspecialchars instead of urlencode