I have a listing with some filters which are applied on form submit, using GET as form method. So after submit, I get a url that looks like:
/listing?filter_1=a&filter_2=&filter_3=c
Notice that filter_2 is empty. How can I avoid showing it in the URL in this case? I would only need the URL to be like this:
/listing?filter_1=a&filter_3=c
I would not mess with $_GET and I wonder what is the right way to do it with Laravel 4.
Thank you
During making of url, you need to check the value of variables whether it has empty or null or have some value. Then add those varibale into the url, so that your url will be clean.
to achive this you will be required to use Laravel - pretty URls functionality and make some changes in Route::get function to remove empty parameters while construction url.
Related
Given this link:
localhost/abc/review?coupon=bskgnlsdgkj
How do I get the coupon value inside view?
I tried $_GET['coupon], but it didn't work.
You can use $this->input->get('coupon'); to get the value of url parameter.
But, I suggest you to get the parameter value with $this->input->get('coupon',TRUE); to applying XSS Security directly.
For information can be found on this link.
Assume a page with multiple HTTP request parameters filter=on&page=4 and so on. Those parameters are injected in the search form.
I need to have a button outside of the form that keeps the parameters, but adds another one download=csv into it. And that has to be done in the Blade template file, not in the php file (no $request variable available).
Something along the lines of this:
Download
But the code above doesn't seem to work. It doesn't return the URL with the parameter in it. It just returns the URL that was prior to that, aka the injection doesn't happen.
Try something like this
Download
I have a URL with a query param like: www.example.com?src=%27};alert(1);a={%27%27:%27. I want to clean up the URL when the request gets made and return it to the browser without the javascript alert evaluating. By "clean up" I mean: remove html tags, invalid characters, and characters that can potentially evaluate in the user's browser.
This is what I'm thinking and please correct me if I'm thinking about this incorrectly: when the request is made, catch it in the middleware and then send back a cleaned up version of the query params (maybe redirect the user).
I'm not sure if PHP supports this? I thought I could override the query params in $_GET and assign the src param with the cleaned up value but that doesn't seem to be working. I've also tried overriding $_SERVER['QUERY_STRING'] but that also doesn't work.
What's the best way to handle something like this in PHP?
I am using codeigniter for my project. To get the uri segments I know I can use
$this->uri->segment();
but my case is a bit different
My url looks like
localhost/mediabox/home/box/21
but once I go to this url a popup form apears in which the user provide a key to access this page and I validate the key using ajax method which is inside my home controller validate_key function
when I echo the url it gives me localhost/home/validate_key
while calling valiate_key of the home controller how can I get the 21 from the url wrritten in the url bar?
Any ideas?
Thanks
The problem:
It's not a bug, it's a natural behavior.
Consider the following:
you request the validate_key function from the server by typing the URL in your address bar. current_url() returns localhost/blabla/validate_key. No AJAX involved.
requesting validate_key with AJAX. The same PHP code will be executed.
the current_url() will change to localhost/blabla/validate_key
even though your browser's address bar is showing localhost/blabla/box/21.
So, what does this means? It means the Codeigniter base_url() doesn't care about your address bar, it cares about the function it is in, whether it was called via ajax or normal request.
so as long this function is being executed, the URL is pointing to it.
The solution:
My favorite solution to such a case, is to simply create a hidden input.
Simply, when a user requests the box function. you're showing him a popup form. so add a hidden_input field, give it a name and a value of 21(depends).
For example(you should tailor this to your specific needs):
Add this to your form in the view that get displayed by the box function:
form_hidden("number", $this->uri->segment(3));;
Now these data will be sent to your validate_key function. How do we access it? It's simple!
function validate_key(){
$this->input->post("number");//returns 21 or whatever in the URL.
//OR if the form sends GET request
$this->input->get("number");//return 21 or whatever in the URL.
/*
*Or , you can do the following it's considered much safer when you're ONLY
*expecting numbers, since this function(intval) will get the integer value of
*the uri segment which might be a destructive string, so if it's a string
*this function will simply return 0.
*/
$number = intval($this->input->post("number"));//returns 21 or whatever in the URL.
//Or if it it GET request:
$number = intval($this->input->get("number"));//returns 21 or whatever in the URL.
}
It looks like you've used .htaccess to remove the index.php part of the url. So, when you navigate to localhost/mediabox/home/box/21 you're passing the value 21 to the function named box in the controller named home
If you want to keep that value within the validate_key function, just pass it through when calling it:
function box($param)
{
//$param = 21
$this->validate_key($param);
}
Its better and suggetsed to use hidden field and post the value when it is needed.
I an redirection (in some cases) from a controller to the error controller, action 'not-logged-in' using the redirector helper. My problem is the following: I want to pass an argument in the $_POST array (an URL from where the redirection happened) so the user will be able to return to that page after performing a login.
How can i place data in the $_POST array while using redirect helper?
Thank you ahead.
When you use the redirector with an internal redirect (ie. goToRoute) the paramters are passed along with it. Thus if you add your refferrer to the the request before you actually redirect:
// Assuming $request is a Zend_Controller_Request
$request->setParam('ref', $referrer);
// then use the redirector
then that variable will be passed along with the request upon redirect. So then you would need to check for/grab that variable from the request in the action youve redirected to and then set it as a hidden field in the form. Then when your form posts to your login action you can check again for a ref variable and on successful login redirect to that location.
Now if i were you i would not actually use the referral as the url but a serialized or json encoded array of the previous request's parameters. that way you can use goToRoute in this second instance as well.
Ofcourse if the redirection came form some sort of post action that contained sensitive data you wouldnt want to do this. In that case you would want to use the session as has been previously suggested.
Above all the best advice i can give is to look at the code of Zend_Controller_Router_Rewrite and Zend_Controller_Action_Helper_Redirector.
Not possible without some socket or Curl jiggery pokery.
Why not try using $_SESSION array in the same way?
Does it really matter if the user can see the redirection url in the address bar? i doubt they will care and i see it a few times on some top sites.
Passing control to the login page just feels more like a _forward than a _redirect, like it all belongs under the one action. Especially since you're coming right back.
_forward($action, $controller = null, $module = null, array $params = null)
Then, you can pass your originating location in $params as you'd like.
I'm pretty sure that you can't send POST when redirecting a person to another page. But maybe you can, and if so, I hope somebody proves me wrong here.
I'm not sure how you'd do what you want using Zend Framework, but I would suggest two ways how to do it in general. You can either send a GET variable, or use a session variable to store a back-URL.