How to encode, send in a query, and retrieve a url - php

I am trying to pass a url for creating an iframe as a parameter of a query string. Because the url that I am passing contains an ampersand, I encode the url with 'urlencode' then append it to the query string.
<?php
$url = "http://www.somesite.com/index.php?option=content&view=article&id=1234:some+article";
$url_encoded = urlencode($url);
?>
On the page where I want to create the iframe, I retrieve the url parameter using the $_GET variable.
<?php
$iframe_source = $_GET[$url];
?>
<iframe id="external-link-frame" src="<?php echo $iframe_source ?>"></iframe>
However $_GET only retrieves the part of the parameter value up to the encoded ampersand.
<?php echo $_GET[$url]; //outputs http://www.somesite.com/index.php?option=content ?>
What must I do in order to send the entire url including the parameters that are part of its own query string.
UPDATE: I am able to do it by encoding the url twice
urlencode(urlencode($url));
Take a look at: https://stackoverflow.com/a/2433211/1359529

I think rawurlencode() will encode the ampersands too.
http://us3.php.net/manual/en/function.rawurlencode.php

I believe, how you append it, the $_GET function thinks that the ampersand signs are signifying new values to get. I bet if you did after that $iframe_view = $_GET[$view] it will output article.
If you want it to get the full URL, I think it's best to encode by replacing & signs with something else and then once you get the url, then replace them back to & signs.

Related

I want to display encoded url that I pass to this page

I want to print encoded url with the help of echo, for example I send variables like this:
"http://www.indiandeal.in/test.php?go=http://www.facebook.com/indiandeal"
It is working fine if I pass any variable but not with encoded url string. Normal url string works fine.
i don't want to encode the url.
i want this to work
http://www.indiandeal.in/test.php?go=http%3A%2F%2Fwww.facebook.com%2Findiandeal&123=234
this should print the url as
www facebook com indiandeal&123=234
but it displaying only
http www facebook com/indiandeal
Here is my code:
<!DOCTYPE html>
<html>
<body>
<?php
$txt1 = $_GET["go"];
echo $txt1;
?>
</body>
</html>
If you pass an encoded url it will automatically be decoded
Warning
The superglobals $_GET and $_REQUEST are already decoded.
Using urldecode() on an element in $_GET or $_REQUEST could have
unexpected and dangerous results.
If you still want to see it encoded you can use urlencode()
Edit based on your comment.
If you want to save the encoded version of your request variable named go you can do
echo urlencode($_GET['go']); // this encodes it again
//echo urlencode("http://www.facebook.com/indiandeal");
Output
http%3A%2F%2Fwww.facebook.com%2Findiandeal
Try this it will work :
A querystring may contain several key-value pairs. When there is more than one key-value pair, they are typically separated by ampersands (&).
input :
http://www.indiandeal.in/test.php?go=http%3A%2F%2Fwww.facebook.com%2Findiandeal&123=234
Here, $_GET["go"] only gives you the value associated with go.For access the whole query string you have to use this :
The raw, unprocessed query string can be retrieved by the QUERY_STRING server variable:
echo $_SERVER['QUERY_STRING'];

How do I pass one PHP url as a php variable in another URL without that syntax messing up the variables?

I have a download page that take arguments like the download URL, the download-counter data file url, and the page to return to after downloading.
It is arranged like so:
start.php?url=...&page=...&file=...
(Download url, redirect page, counter file)
The problem is, when the redirect page contains PHP arguments with ? and & symbols, the URL becomes a confusing mess for PHP to work with.
Example:
start.php?url=URLTEXT&page=page?test1=x&test2=xx&file=FILETEXT
What should happen:
url=URLTEXT
page=page?test1=x&test2=xx
file=FILETEXT
what happens:
url=URLTEXT
page=page?test1=x
test2=xx
file=FILETEXT
How could I substitute characters or somehow make these arguments pass correctly in php?
Thanks for any help you can give.
Well, I'm not sure how your "messed up" URL looks like. However the string after the "?" is called Query String, and you can decode/encode it with
urlencode($normalString); //will be encoded for use in URL
urldeocde($queryString); //will be decoded for "normal" use
EDIT:
Here is some short example:
echo "Encode for use in URL: ";
echo urlencode("this is a string & üäöllasdlk<bbb2");
echo "<br />";
echo "Decode to use it in your script: ";
echo urldecode($_SERVER['QUERY_STRING']);
Output:
Encode for use in URL:
this+is+a+string+%26+%C3%BC%C3%A4%C3%B6llasdlk%3Cbbb2
Decode to use it in your script: test=12
(Assuming you have a Querystring containing the variable test=12)
Just use htmlspecialchars function on your URL string:
http://php.net/manual/en/function.htmlspecialchars.php

PHP URL decode GET

I have been using URL decode on encoded URL variables from $_get.
The current problem I am facing is I have a URL encoded like this:
blah.php?url=http%3A%2F%2Fm.youtube.com%2F#/watch?feature=player_embedded&v=zd7c5tQCs1I&desktop_uri=%2Fwatch%3Fv%3Dzd7c5tQCs1I%26feature%3Dplayer_embedded
I'm not sure what kind of encoding this is, can someone help me? When I use just "urldecode" on this it just returns m.youtube.com
Edit: My problem is not that url decode isn't working, it works if I manually enter this encoded URL and use urldecode(), but when this encoded url is in the actual pages url and I use the _GET function then I try to decode it it stripes off everything after the "#" in the URL.
<?php print urldecode($_GET["url"]);?>
It returns
"http://m.youtube.com/"
instead of
"http://m.youtube.com/#/watch?feature=player_embedded&v=zd7c5tQCs1I&desktop_uri=/watch?v=zd7c5tQCs1I&feature=player_embedded"
I think the issue is that the pound sign is not encoded, if I refresh the page it strips away the pound sing and everything after it, so how do I get around this? Can I still retrieve the info from "GET" even though there is a pound sign? (#)
The problem is that the full link has multiple = signs, and browser cant determine, that the other = signs refer just to the url= parameter.
in your case, at first, you need to use function before link is given to url= parameter:
========================= 1) JAVASCRIPT ======================
<script type="text/javascript">
var mylink = encodeURIComponent('http://testest.com/link.php?name=sta&car=saab');
document.write("http://yoursite.com/url=" + mylink);
</script>
========================= 2)or PHP ===========================
<?php
$mylink = 'http://testest.com/link.php?name=sta&car=saab';
echo 'http://yoursite.com/url='.urlencode($mylink);
?>
so, your output (url parameter) will get like this
http://yoursite.com/url=http%3A%2F%2Ftest.com%2Flink.php%3Fname%3Dsta%
so, the url parameter will get the encoded url.
after that, your .php file needs to decode that "url" parameter-
<?php
$varr = $_GET['url'];
$varr = preg_replace("/%u([0-9a-f]{3,4})/i","&#x\\1;",urldecode($varr));
$varr = html_entity_decode($varr,null,'UTF-8');
echo $varr;
?>
that will give you the correct value
I read on php.net about urldecode function and they say that superglobal $_get is already decoded, ex: "The superglobals $_GET and $_REQUEST are already decoded. Using urldecode() on an element in $_GET or $_REQUEST could have unexpected and dangerous results."
It is encoded into ASCII format .
see http://www.w3schools.com/tags/ref_urlencode.asp
So here is the problem, the pound sign (#) (Hash) wasn't encoded... since I can't go back and re-encode it I have to use javascript (ex. alert(window.location.hash);) to send me the full URL after the hash then I append it to PHP's version of the URL, I THEN use a find and replace function in PHP to replace the "#" with "%23", then I use the urldecode method and it returns the full proper url decoded.
This encoding is called percent encoding or URL encoding. You can use urldecode for decoding it. (Example: http://phpfiddle.org/lite/code/0nj-198 )

Encoding $_GET variable URL ignores ampersand "&" character

So im trying to get an url from the address bar that looks like this:
http://mysite.com/url.php?name=http://test.com/format.jsp?id=738ths3&secure=false
I'm using the $_GET variable to read it right off the URL my code is as follows
$arc = rawurlencode($_GET['name']);
echo "URL: $arc";
This only returns
URL: http://imgur.com/format.jsp?id=738ths3
It 's missing the &secure=false
What i want it to look:
URL: http://test.com/format.jsp?id=738ths3&secure=false
I have tried urlencode, rawurlencode with no avail, i have looked in google a number of forums and stackoverflow none of the answer help, any ideas? Thanks!
urlencode shows this:
URL: http%3A%2F%2Ftest.com
so i cant have that either!
You'll need to urlencode() before constructing the URL, ie:
$url = "http://mysite.com/url.php?name=".urlencode('http://test.com/format.jsp?id=738ths3&secure=false');
This way, you will be able obtain the full URL as a name GET parameter from $_GET['name'].
Explanation:
Without urlencode() it when constructing the URL, PHP would treat is as 2 separate parameters, separated by &:
$_GET['name']
which is http://imgur.com/format.jsp?id=738ths3 for your case
$_GET['secure']
which is false for your case
Alternatively:
From your comment, it seems that you do not have control for the URL construction. You can get the full $_GET in a single string using http_build_query:
$name = http_build_query($_GET);
You would then obtain:
echo $name; // name=http://test.com/format.jsp?id=738ths3&secure=false
// which you would then may want to strip away the first 'name='
$name = substr($name, strlen('name='));
echo $name; // to obtain http://test.com/format.jsp?id=738ths3&secure=false
The original URL, http://mysite.com/url.php?name=http://test.com/format.jsp?id=738ths3&secure=false, contains two query-string parameters: name and secure. The & in the query-string belongs to the full URL, not the URL in the name parameter.
If you have control over this value, when declaring the link/URL, use PHP's urlencode() to encode the full name value, such as:
$url = "http://mysite.com/url.php?name=" . urlencode("=http://test.com/format.jsp?id=738ths3&secure=false");
This will properly encode the name parameter and your $arc = $_GET['name']; will work as desired.
If you do not have control over setting the value and are simply parsing something you're receiving, you can split the given string on the name= parameter and assume everything else after it is part of name:
$splitQuery = split('name=', $_SERVER['REQUEST_URI']);
$arc = $splitQuery[1];
To decode the encoded URL, after you've accessed it, use PHP's urldecode():
$arc = urldecode($_GET['name']); // assuming you're properly encoding the `name` parameter
If you cannot encode the URL, you can get the current URI with this code:
$url = $_SERVER["REQUEST_URI"];
that in your case, the $url is :
/url.php?name=http://test.com/format.jsp?id=738ths3&secure=false
Then you can split it with explode and validate it and take the GET params from it.

PHP URL in query string using GET

I have a URL like:
http://www.google.com/test.html?d=1232&u=32
and I want to add it as a part of a GET query string like:
http://www.mysite.com/index.html?a=123&d=http://www.google.com/test.html?d=1232&u=32
Note the double "d" used. I want the URL sent to be just a url and not be read for it's query string...
What is the best way to do this to avoid problems?
You can use the urlencode() function.
Example:
$url = 'http://www.mysite.com/index.html?a=123&d='
. urlencode('http://www.google.com/test.html?d=1232&u=32');
You can use urlencode() to put that in the URL without having it interfere with anything else you have in there.
URL-encode the second url:
http://mysite.com/index.html?a=123&d=<?php echo urlencode('http://google.com/etc..'); ?>
You can assign a url to a variable and have it be query-string safe by using urlencode() (http://us3.php.net/urlencode). So you could do:
$url = 'http://www.mysite.com/index.html?a=123&d=' . urlencode('http://www.google.com/test.html?d=1232&u=32');
In this example the query-string var 'd' now houses all the contents of the second url. You will have to urldecode() it on the receiving end in order to extrapolate the data.

Categories