I am getting content of XML using this code:
$xml = simplexml_load_file("X.xml");
echo $xml->CountryList->Country[1];
Here is the X.xml:
<PickUpCityListRQ>
<CountryList>
<Country>Albania</Country>
<Country>Andorra</Country>
</CountryList>
</PickUpCityListRQ>
Everything works fine, it returns Andorra for me, but, when I try to use url with special characters, like this one:
http://somelink/ServiceRequest.do?xml=<PickUpCityListRQ><Credentials username='USERNAME' password='PASSWORD' remoteIp='IP'/><Country>UK</Country></PickUpCityListRQ>
This link won't work for you as it just an example, but believe, real link returns the same content as X.xml. I know that the reason of that are special characters in the link, but I can't get it work. I tried something like this:
$username = "USERNAME";
$password = "PASSWORD";
$accessurl = htmlspecialchars("Credentials username='$username' password='$password' remoteIp='123.123.123.123'/");
$required = htmlspecialchars("<PickUpCityListRQ><$accessurl><Country>UK</Country></PickUpCityListRQ>");
$url = 'somelink/service/ServiceRequest.do?xml='.$required;
echo $url;
It returns (with echo) the required link, in case if I use it manualy (in browser) I'll get to the required content. But if I try to get XML content using this code:
$xml = simplexml_load_file($url);
echo $xml->CountryList->Country[1];
I won't work.
Any ideas?
Thank you in advance.
htmlspecialchars is used to protect special char inside an HTML content page (especially on user input, to avoid some sort of XSS or other attack..).
When you are manipulating URLs, you should use instead urlencode to send your content as parameter of the URL.
So your URL will be:
http://someserver/somethink/services/ServiceRequest.do?xml=%3CPickUpCityListRQ%3E%3CCredentials%20username%3D'USERNAME'%20password%3D'PASSWORD'%20remoteIp%3D'IP'%2F%3E%3CCountry%3EUK%3C%2FCountry%3E%3C%2FPickUpCityListRQ%3E
As the documentation says, urldecode is not requiered because the superglobals $_GET and $_REQUEST are already urldecoded. So, in your script which do the job you can directly use the value in your $_GET entry.
$xml = simplexml_load_string($_GET['xml']);
documentation : urlencode
Answer stolen from PHP simplexml_load_file with special chars in URL
Use this
$username = "USERNAME";
$password = "PASSWORD";
$accessurl = "Credentials username='$username' password='$password' remoteIp='123.123.123.123'/";
$required = "<PickUpCityListRQ><$accessurl><Country>UK</Country></PickUpCityListRQ>";
$url= rawurlencode("somelink/service/ServiceRequest.do?xml={$required}");
$xml = simplexml_load_file($url);
echo $xml->CountryList->Country[1];
Related
I am trying to pass across a string to receive a response. In the URL, at the end for the Password= field, there is a Exclamation Point in the string. This is causing a fail in the code - I have included an example below
$getResponse = file_get_contents("https://LINK/&Password=pass!word");
echo "<br>Response:";var_dump($getResponse);die;
I have tried both as you see above AND by putting \ in front of the Exclamation Point. Any assistance would be greatly apprecieated!
You need to encode non-ASCII characters (!) into a format that can be transmitted over the Internet.
Try this:
$url=urlencode("https://LINK/&Password=pass!word");
$getResponse = file_get_contents($url);
echo "Response:";var_dump($getResponse);die;
Urlencode Help on PHP
Try escaping password in url:
$pswd = urlencode('pass!word'); /* or use - rawurlencode */
$url = 'https://example.com/page?Password='.$pswd; /* replaced `&` with `?` */
$getResponse = file_get_contents($url);
I am trying to parse url and extract value from it .My url value is www.mysite.com/register/?referredby=admin. I want to get value admin from this url. For this, I have written following code. Its giving me value referredby=admin, but I want only admin as value. How Can I achieve this? Below is my code:
<?php
$url = $current_url="//".$_SERVER['HTTP_HOST'].$_SERVER['REQUEST_URI'];
setcookie('ref_by', parse_url($url, PHP_URL_QUERY));
echo $_COOKIE['ref_by'];
?>
You can use parse_str() function.
$url = "www.mysite.com/register/?email=admin";
$parts = parse_url($url);
parse_str($parts['query'], $query);
echo $query['email'];
Try this code,
$url = "www.mysite.com/register/?referredby=admin";
$parse = parse_url($url, PHP_URL_QUERY);
parse_str($parse, $output);
echo $output['referredby'];
$referred = $_GET['referredby'];
$referred = "referredby=admin";
$pieces = explode("=", $referred);
echo $pieces[1]; // admin
I don't know if it's still relevant for you, but maybe it is for others: I've recently released a composer package for parsing urls (https://www.crwlr.software/packages/url). Using that library you can do it like this:
$url = 'https://www.example.com/register/?referredby=admin';
$query = Crwlr\Url\Url::parse($url)->queryArray();
echo $query['referredby'];
The parse method parses the url and returns an object, the queryArray method returns the url query as array.
Is not a really clean solution, but you can try something like:
$url = "MYURL";
$parse = parse_url($url);
parse_str($parse['query']);
echo $referredby; // same name of the get param (see parse_str doc)
PHP.net: Warning
Using this function without the result parameter is highly DISCOURAGED and DEPRECATED as of PHP 7.2.
Dynamically setting variables in function's scope suffers from exactly same problems as register_globals.
Read section on security of Using Register Globals explaining why it is dangerous.
I want to get query string from a url and change it to the string format.
I copied the following code from other related posts on stackoverflow, but it is not working properly for me.
<?php
$url="www.example.com/user.php?uname=alan&password=2222";
$parse=parse_str($url);
echo $uname;
echo $password;
This code returns the second variable $password as expected, but it failed for the first variable $uname
undefined variable: uname
Is there something missing in the code?
Any help is greatly appriciated!
Thanks.
It looks like parse_str does not work quite correctly with your URL. You probably want to use it in conjunction with parse_url
eg:
$url="www.example.com/user.php?uname=alan&password=2222";
$str = parse_url($url, PHP_URL_QUERY);
$parse = parse_str($str);
echo $uname;
echo $password;
https://php.net/manual/en/function.parse-url.php
https://php.net/manual/en/function.parse-str.php
I am trying to encode the following string: Peôn
Accordiing to: http://meyerweb.com/eric/tools/dencoder/ the string should enocde to: Pe%C3%B4n
When I use urlencode($name) I get Pe%F4n
SOOOO Lost on this.
I am trying to use the encoded string in the following manner:
Fails:
http://us.battle.net/api/wow/character/Kil%27jaeden/Pe%F4n?fields=statistics
Works:
http://us.battle.net/api/wow/character/Kil%27jaeden/Pe%C3%B4n?fields=statistics
mycode:
$name = mysqli_real_escape_string($connection, $_POST['name']);
$name = urlencode($name);
EDIT:
$name = $_POST['name'];
$realm = mysqli_real_escape_string($connection, $_POST['realm']);
$locale = mysqli_real_escape_string($connection, $_POST['locale']);
$toon = query_blizz_toon($name, $realm, $locale);
function query_blizz_toon($name, $realm, $locale){
$realm = urlencode(stripslashes($realm));
$name = urlencode($name);
$q = 'http://'.$locale.'.battle.net/api/wow/character/'.$realm.'/'.$name.'?fields=statistics';
echo $q;
$character = #file_get_contents($q);
$character = json_decode($character);
return $character;
}
echo $q ouputs: http://us.battle.net/api/wow/character/Kil%27jaeden/Pe%F4n?fields=statistics
Still getting the wrong encoding even without the escaping... :/
EDIT:
According to this site: http://www.degraeve.com/reference/urlencoding.php
%F4 is the correct encoding for ô ...
Well i am getting exactly what you are expected to get. Your mysqli_real_escape is the culprit here. Remove it.
Also, make use of Prepared Statements, so that you don't have to focus on escaping and stuff.
<?php
$name = 'Peôn';
echo $name = urlencode($name);
OUTPUT:
Pe%C3%B4n
$name = rawurlencode(utf8_encode($name));
Does the trick. Wish i knew why...
The problem is with the page that has the form.
The web browser is sending the user input encoded in latin-1, but you want it to send UTF-8. One way to fix that is sending the Content-Type header to tell the browser that the page is in UTF-8, if you can't do that you can use the HTML meta tag to do the same, yet another is declaring the accept-charset in the form tag.
<form accept-charset="UTF-8" method="POST" action="...
I have a url that gets encoded when serialized with jquery and comes out like this:
index.php?city%5B%5D=METROPLOIS&city%5B%5D=GOTHAM
Supposed to be index.php?city[]=METROPLOIS&city[]=GOTHAM
On the other end, I'm using joomla to pull down a bunch of variables out of the url
$city = JRequest::getVar('city');
Now, another user was nice enough to point me to this code in PHP which would get the city variables and then implode them into
$cities = $_GET['city'];
$str = "CITY='".implode("' OR CITY='",$city)."'";
Where $cities = $_GET['city']; is equivalent to $city = JRequest::getVar('city');
So, I'm running into a challenge that I don't know how to address. How to decode the URL in Joomla so that it will recognize city%5B%5D as city[] or city.
I've seen this: http://php.net/manual/en/function.urldecode.php, but that pulls down the URL and puts it into a string. How would I then tell Joomla to pull variables form that string instead of the URL ?
Use urldecode to decode the url
$decoded = urldecode('index.php?city%5B%5D=METROPLOIS&city%5B%5D=GOTHAM');
$query = parse_url($decoded, PHP_URL_QUERY);
parse_str($query, $params);
$city = $params['city'];
echo "CITY='".implode("' OR CITY='",$city)."'";
DEMO
http://php.net/manual/en/function.parse-url.php
http://php.net/manual/en/function.parse-str.php