I am reading content of GET query string, and every time I encounter & for ecample Blackstone Woodfire & Grill, GET is reading Blackstone Woodfire.
How can I avoid this, if possible?
I know I could encode the special characters from the reference page, then decode them when are directed to this page.
I'm just curious.
The problem is that the parameters you send using get, are separated using a &.
So if you have an url like
http:/example.com?param_1=value_1¶m_2=value_2
You will have an $_GET array like
array(
param_1 => 'value_1',
param_2 => 'value_2'
);
Now if you send and url like:
http://example.com?param_1=value_1 & value_2
You will have an $_GET array like
array(
param_1 => 'value_1 ',
' value_2' => ''
);
Simply becuase that is the way sending GET params works.
On the recieving side, there is not much you can do, the problem lies at the other end.
The GET parameters that are beeing send must indeed be encoded, within PHP that is done using
echo 'http://example.com?param_1=' . urlencode('value_1 & value_2');
Javascript uses encodeURIComponent() to solve this issue.
PHP calles urldecode() automaticly on every get parameter when it is creating your $_GET global.
You could use urlencode to encode the get string. And later if u want to fetch it from $_GET u urldecode.
You could replace all ampersands to %26
Related
I want to use the GET method to send a string to the receive page, but if the string includes '#', the receiver page can only get the sub string before the '#'.
As the following example:
test
When I click the 'test' link to open the 'test.php' page, which has the following code:
<?php
if(isset($_GET["q"])) {
echo $_GET["q"];
}
?>
It only display 'string1' on the page, '#string2' is missing.
So I want to know what happened to the string, and how to fix this problem.
Thank you for any help!
=======Update===========
With the help of #Eric Shaw and #JP Dupéré, I know how to fix this problem.
The simplest way is encoding the string before using the get method.
To encode the query string, you can:
use urlencode() in PHP, and urldecode() can decode the string.
use encodeURIComponent() in JavaScript, and decodeURIComponent() can decode the string.
Try
urlencode("string1#string2")
before calling GET.
The #foo is used to jump to an <a name="foo"/> tag on the page, rather than viewing the top of the page when the browser loads it.
The stuff after the # is processed by the browser and NOT sent to the server.
You can escape the # and the escaped version will be sent to the server, i.e.
test
will do what you want I think
This escaping is also a common technique to get the # passed along in the URL for redirectors.
I'm building a website with yii2 and xampp and there I have a NavBar with
$menuItems = [...
['label' => 'Mitlesen', 'url' => ['/site/uebersicht&seite=1']],
...]
This leads to the site: index.php?r=site%2Fuebersicht%26seite%3D1
And here I'm getting the error-message:
Not Found (#404)
Unable to resolve the request: site/uebersicht&seite=1
When I delete the &seite=1 the error disappears.
And when I call ... site/uebersicht&seite=1 directly in the browser, it works fine, too.
You should simply use 'url' => ['/site/uebersicht', 'seite' => 1]
You are url encoding the url so the & gets converted to %26.
You need to make sure no url encoding occurs on this url.
See here for a reference to url encoded characters.
However, I'm not sure why you would want to put an "&" in the query string if there is no "?" first. Perhaps you want to swap it over?
A proper query string may look like this:
htttp://site.com/some/route/?name=sam&country=spain
It is an incorrect query string. You should put ? instead of &. So your url should be /site/uebersicht?seite=1
I'm very new to PHP but have a good understanding of C,
When I want to access some post data on an API i'm creating in PHP I use:
$_POST['date_set']
to fetch a value being passed for date - This all works perfectly, however I read I should be fetching it like this:
$date_set = trim(urldecode($_POST['date_set']));
This always returns a 00:00:00 value for the date after it's stored in my DB.
When I access directly using $_POST['date_set'] I get whatever value was posted, for example: 2013-08-28 10:31:03
Can someone tell me what I'm messing up?
You should try it like,
$date_set = $_POST['date_set'].explode(' ');//('2013-08-28 10:31:03').explode(' ')
echo $date_set[1];
or
echo date('H:i:s',strtotime($_POST['date_set'])));
//echo date('H:i:s',strtotime('2013-08-28 10:31:03'));
If you are very new in php the Read date()
You only run urldecode over data is URL encoded. PHP will have decoded it before populating $_POST, so you certainly shouldn't be using that. (You might have to if you are dealing with double-encoded data, but the right solution there should be to not double encode the data).
trim removes leading and trailing white-space. It is useful if you have a free form input in which rogue spaces might be typed. You will need to do further sanity checking afterwards.
urldecode — Decodes URL-encoded string
Description
string urldecode ( string $str )
Decodes any %## encoding in the given string. Plus symbols ('+') are decoded to a space character.
urldecode: is used only for GET requests. you should be fine using $_POST['date_set'] only.
http://php.net/manual/en/function.urldecode.php
You'd better do this way
if(isset($_POST['date_set'])){
$date_set = $_POST['date_set'];
}
then you can use $date_set how you want.
If you still get 00:00:00 for $date_set, the problem is coming from the code which provide you the $_POST value.
I think I have seen this question before but I don't think it's answered good enough yet because I can't get it to work.
The case:
I want to insert an URL into my MySQL database like so:
$url = $_POST["url"]; //$_POST["url"] = "http://example.com/?foo=1&bar=2& ...";
$sql = mysql_query("INSERT INTO table(url) values('$url')") or die ("Error: " . mysql_error());
Now, the URL is inserted into the database properly but when I look at it, it looks like this:
http://example.com/?foo=1
It's like the URL is cut right at the "&" character. I have tried: mysql_real_escape_string, htmlspecialchars, escaping by doing "\" etc. Nothing seems to work.
I have read that you might be able to do it with "SQL Plus" or something like that.
Thanks in advance.
Regards, VG
Chances are the problem here is nothing to do with the database query, and more to do with how the url is passed to the page. I suspect you'll find that the URL used to load the page is something like:
http://mydomain.com/?url=http://example.com/?foo=1&bar=2
This will result in a $_GET that looks like this:
array (
'url' => 'http://example.com/?foo=1',
'bar' => '2'
)
What you need is to call page with a URL that looks more like this:
http://mydomain.com/?url=http://example.com/?foo=1%26bar=2
Note that the & has been encoded to %26. Now $_GET will look like this:
array (
'url' => 'http://example.com/?foo=1&bar=2'
)
...and the query will work as expected.
EDIT I've just noticed you're using $_POST, but the same rules apply to the body of the request and I still think this is your problem. If you are, as I suspect, using Javascript/AJAX to call the page, you need to pass the URL string through encodeURIComponent().
It is likely the querystring is not being passed. It looks like you are receiving it from a FORM post. Remember that form posts that use a method of GET append a querystring to pass all of the form variables, so any querystring in the action is typically ignored.
So, the first thing to do is echo the URL before you try to INSERT it to make sure you are getting the data you think you are.
If there are variables you need to pass with the URL, use hidden inputs for that, and a method of GET on the form tag, and they will get magically appended as querystring parameters.
Right !! The problem here is nothing to do with the database query has DaveRandom said.
Just use the javascript function "encodeURIComponent()".
Depending on what you want to do with the stored value, you also urlencode() the string: http://php.net/manual/de/function.urlencode.php
Cheers,
Max
P.S.: SQL*Plus is for Oracle Databases.
maybe escape the url with urlencode then you can decode it if you want to pull it out of the db
I think I have the need to take a uri which has been decoded in PHP, and re-encode it.
Here is the situation:
JavaScript passes encoded uri as query string parameter to php script.
PHP script embeds uri as a hidden input value in an html document, responds with the document to a user agent.
JavaScript reads embedded uri and sets location of current document based on value of hidden input.
On Step 2, I am finding that the Uri is fully decoded after reading it in via $_GET. So when I embed the uri in the hidden input, it becomes un-encoded. So I would like to run a PHP script which re-encodes the Uri properly ex:
http://my.example.com/dog walk?is=very great
==>
http://my.example.com/dog%20walk?is=very%20great
Is there a pre-built php function for this or should I just write my own?
PLEASE NOTE: urlencode and urldecode are not the answer to get the desired input/output I have in the example above.
Thanks,
Macy
Are you looking for : http://fr.php.net/manual/en/function.urlencode.php ?
I don't know if will help you, but PHP have 3 useful functions:
$url = parse_url('put the url here');
parse_str( $url['query'], $query ); // generating an array by reference (yes, kinda weird)
echo $query; //in this line, you can encode or decode.
or, if you want to mount a query, you can use http_build_query(); that accepts values from an array, like:
$url = 'http://my.example.com/dog walk?';
$array = Array (
'is' => 'very_great',
);
$url_created = $url . http_build_query($array);
urldecode:
http://www.php.net/manual/en/function.urldecode.php