I am using the following code to encode a URL for basic hiding of the URL
/lbs_map.php?msisdn=27827910118
This is what I do not want my clients to see. I have coded it the following way
<a href="lbs_map.php?msisdn=<?php echo base64_encode ("27".substr($rows['member_msisdn'],
1)); ?>
This is my output now:
/lbs_map.php?msisdn=Mjc4Mjc5MTAxMTk=
I am using this to try and decode the string:
<?php
$str = 'VGhpcyBpcyBhbiBlbmNvZGVkIHN0cmluZw==';
echo base64_decode($str);
?>
But it is not working at all to decode it and give me the required info i want. I need help on the decoding of the string
The encode string must work with the code string as the code string varies and is never the same
If you're passing base64 encoded data via the url, you need to urlencode() it first as = is a reserved character in urls.
You need to urlencode() the msisdn parameter.
Also keep in mind that base64 is not the way to go if you want to hide something from your users as it's not an encryption function and can be easily decoded.
Related
I am doing a post HTTP request in swift 4.2 and in one of my Strings I put in the parameters contain "&" but apparently the requests gets cut off after this symbol. I thought about replacing every "&" symbol with a unique placeholder and convert it back in PHP.
But is there are more elegant or easy way of doing this?
URL encode your data (and decode it when you need to use it), that will make the ampersand into %26 which will stop it cutting off in your GET request.
You could replace the "&" with "%26" and then it's have to work :)
All Precent-encoding characters:
https://en.wikipedia.org/wiki/Percent-encoding#Percent-encoding_reserved_characters
You should probably minimize how much manual percent escaping you do. You might, for example, use URLComponents to build your URL and percent escape it for you:
guard var components = URLComponents(string: "http://example.com") else { return }
components.queryItems = [URLQueryItem(name: "foo", value: "bar&baz")]
let url = components.url
That will result in:
http://example.com?foo=bar%26baz
The ampersand, as well as a few other characters, need to be encoded if they are within a query parameter otherwise they could be recognized as a delimiter of some sort.
You can encode a string for a query param in Swift like this:
let value = string.addingPercentEncoding(withAllowedCharacters: .urlQueryAllowed)
let urlString = "https://example.com/?query=\(value)"
On the other side, your server will receive the encode param value but will need to decode it.
PHP includes the urlencode() and urldecode() functions, and stift includes the .addingPercentEncoding function.
This means you can replace with the encoded version of the '&' symbol which is '%26', or you can use swift's function
Then when you recieve this value you can use urldecode( $escapedString ), or just replace '%26' with '&', or just pull the values stright from the request with $_GET.
I have a url request like this:
http://localhost/pro/api/index/update_profile?data={"id":"51","name":"abc","address":"stffu fsagu asfhgui fsahgiu3#$#^^##%^3 6\"\"wkgforqf\";rqgjrg..,,,rqwgtr''qwrgtrw'trwqt'rqwtqwr trqt\n"}
I am trying to json decode of this url.I use following code to decode url.It is working perfect if url not contain special character. but how to decode it if it contains special character.
$string = htmlspecialchars($_REQUEST['data'], ENT_QUOTES);
$jsonFix = urldecode($string);
$string = htmlentities($jsonFix, ENT_QUOTES | ENT_IGNORE, "UTF-8");
$json = json_decode($string, true);
print_r($json);exit;
I tried this code but it is not working.when i am try following:
print_r($_REQUEST['data']);exit;
output is:
{"id":"51","name":"ds"","address":"stffu fsagu asfhgui fsahgiu3
means it is bracking from # character.
(sidenote: i am working on api for iphone so request came from iphone,framework:CI)
so how to get url which contain special character and how to decode it?
The # character marks the beginning of the fragment part of the URL.
You need to properly URL-encode the URL for this to work.
For example, your JSON, when correctly URL-encoded, becomes:
%7B%22id%22%3A%2251%22%2C%22name%22%3A%22abc%22%2C%22address%22%3A%22stffu%20fsagu%20asfhgui%20fsahgiu3%23%24%40%5E%5E%40%23%25%5E3%206%5C%22%5C%22wkgforqf%5C%22%3Brqgjrg..%2C%2C%2Crqwgtr%27%27qwrgtrw%27trwqt%27rqwtqwr%20trqt%5Cn%22%7D
The entire URL becomes:
http://localhost/pro/api/index/update_profile?data=%7B%22id%22%3A%2251%22%2C%22name%22%3A%22abc%22%2C%22address%22%3A%22stffu%20fsagu%20asfhgui%20fsahgiu3%23%24%40%5E%5E%40%23%25%5E3%206%5C%22%5C%22wkgforqf%5C%22%3Brqgjrg..%2C%2C%2Crqwgtr%27%27qwrgtrw%27trwqt%27rqwtqwr%20trqt%5Cn%22%7D
Check the documentation of your language of choice to find the correct method for URL-encoding characters.
For example, in PHP, this is rawurlencode and in JavaScript this is encodeURIComponent.
If necessary, there are also plenty of URL coders online, such as this website.
You are manipulating the $data in some ways that aren't really necessary. htmlspecialchars() and htmlentities() make sense if applied to specific values - not the whole JSON. The danger is that they mess up the JSON, it is only important here to urldecode()!
$jsonFix = urldecode($data);
$json = json_decode($jsonFix, true);
This already works and doesn't leave any character out.
If you plan to post something of that and want to escape it, you can do it like so
htmlspecialchars($json['address'], ENT_QUOTES)
Can't you just replace the "#" character with something like "&hashtagChar;" before you process, and put it back afterwards?
i have a string send by $_GET['foo']="C# Programmer";
when I echo $_GET['foo'], it only print C
is any way to solve this problem when string container # or other symbols send by $_GET
Spaces and hashes (#) are not valid in HTTP URLs and will need to be encoded if you want to use it in parameter values. You can use urlencode() to create URL-safe paramter values.
The following should work:
foo=C%23%20Programmer
If you're trying to send the GET request from a different page, you'd want something like this:
<?php
$var = 'C# Programmer';
?>
Go
Now, in select.php, if you try to echo $_GET['foo'];, it'll display C# Programmer.
Make use of functions like urlencode for passing this kind of values, and urldecode to get this values. Try to make use of post method to avoid this kind of problems
You shoud use the function named urlencode which returns a string in which all non-alphanumeric characters except -_. have been replaced with a percent (%) sign followed by two hex digits and spaces encoded as plus (+) signs.
<?php
$var = 'C# Programmer';
?> <!-- end of PHP code -->
<a href="select.php?foo=
<?php echo urlencode($var) ?> <!-- start and end of PHP code -->
"> Go </a>
Live example
For more information, read about urlencode.
I have an application that posts content to a MySQL DB via PHP. The PHP uses $_GET to pull the content from the URL and then inserts it into the DB.
This works great, but I have discovered an issue. If the user enters certain characters (", &, and others), the $_GET method does not properly separate the content from the URL.
Let's say the user posts this content:
I love blue & green
In this situation, the & symbol cuts the string after the word blue.
Is there any way for me to edit my PHP file to ignore the & symbol and to actually treat it as part of the variable it is supposed to $_GET? Any help would be great!
You can URLencode data before sending it to the PHP. It's a better solution.
Specials chars must not be used in a query string if those chars are in data.
In Javascript, you can use the escape function : escape(&ee) will give %26ee
The correct method is to urlencode the "&" caracter by the client : pass "%26" instead of "&"
you can use $_SERVER['QUERY_STRING']
from http://php.net/manual/en/reserved.variables.server.php
You could send the request as a base64 encoded string:
$string = base64_encode("This is my long string with &ersands and 'quotes'");
print base64_decode($string);
Note that base64-encoded data takes about 33% more space than the original data.
From the manual:
http://php.net/manual/en/function.base64-encode.php
You also have urlencode
try to urlencode your string:
&
becomes
%26
it's a PHP function :
http://php.net/manual/fr/function.urlencode.php
What about, before creating Query string, encode it ?
$str = "I love blue & green ?=&˙Đ[]";
$str = urlencode($str);
echo $str;
Will return:
I%20love%20blue%20%26%20green%20%3F%3D%26%CB%99%C4%90%5B%5D
You have to URL encode the string before you pass it as a GET parameter. In this particular case you have to replace & symbol with %26.
This can be done for example using javascript right before you send the form.
So I am making a simple script where I send a HTML string via POST to PHP and when I try to echo it out it gets encoded with some weird characters
The string Im sending:
'Yo <i>whats up</i>'
What I get when I echo it out with PHP
Yo+%3Ci%3Ewhats+up%3C%2Fi%3E
What is going on here? Is there some PHP method I can use to revert it back to the original HTML string?
You want to use
echo htmlspecialchars(urldecode('Yo+%3Ci%3Ewhats+up%3C%2Fi%3E'));
The reason is that your data gets x-www-form-urlencoded for posting. So on the server-side, you have to decode it again - that's what urldecode() does.
htmlspecialchars() prevents your HTML-Tags to be rendered as such so they are just displayed as a string (if that's what you want).
So, in an HTML context, echo urldecode('Yo+%3Ci%3Ewhats+up%3C%2Fi%3E'); would output
Yo whats up
And if you also wrap it with htmlspecialchars(), your output would be
Yo <i>whats up</i>
again.
It looks like your post string is being encoded for url.
you can use urldecode to remove these characters
echo urldecode($_POST['string']);