I have a webpage that the user inputs data into a textarea and then process and display it with some javascript. For example if the user types:
_Hello_ *World* it would do something like:
<underline>Hello</underline> <b>World</b>
Or something like that, the details aren't important. Now the user can "save" the page to make it something like site.com/page#_Hello_%20*World* and share that link with others.
My question is: Is this the best way to do this? Is there a limit on a url that I should be worried about? Should I do something like what jsfiddle does?
I would prefer not to as the site would work offline if the full text would be in the hash, and as the nature of the site is to be used offline, the user would have to first cache the jsfiddle-like hash before they could use it.
What's the best way to do this?
EDIT: Ok the example I gave is nothing similar to what I'm actually doing. I'm not cloning markdown or using underline or b tags, just wanted to illustrate what I wanted
Instead of trying to save stuff in the URL, you should use the same approach that is common in pastebins: you store the data , can provide use with url, containing an unique string to identify stored document. Something like http://foo.bar/g4jg64
From URL you get state or identifiers, not the data.
URLs are typically limited to 2KB total, but there is no officially designated limit. It is browser-dependent.
Other than that, make sure you properly URL encode what you're putting up there, and you're fine... although I certainly would not want to deal with obnoxiously long URLs. I might suggest you also avoid tags such as <underline> and <b>, as they have been deprecated for a very, very long time.
Use javascript function:
encodeURIComponent('_Hello_ *World*');
Related
I'm using a javascript step sequencer that records the current user-inputed drum pattern into the URL.
So for example before any user input the url looks like:
http://localhost:8888/member-index.php#/0000/0000/0000/0000/0000/0000/0000
and then if the user inputs a basic drum beat the URL might look like:
http://localhost:8888/member-index.php#/8020/0808/aaaa/0000/0000/0000/0000
So I want to be able to save the user-created patterns to my MySQL database so that user's can save and load beats they've previously created.
Could someone give me a quick example of what the PHP code would look like to save the pages current URL to a database?
EDIT:
People are saying to use $_GET - how would I use this with a URL like mine that is broken up into seven sections with "/" dividing them?
Short Answer
Use $_GET instead.
Long Answer
Retrieving the url with PHP isn't going to include what comes after the #, because that's only sent to the browser and not to the server. As #Kazar says in an answer to a similar question, you could use Javascript and document.location.hash to retrieve the information after the hash and then send it to the server via ajax.
But fortunately there's a much better built-in solution, which is $_GET (documentation here).
Instead of constructing your url thus:
member-index.php#/8020/0808/aaaa/0000/0000/0000/0000
Make it like this:
member-index.php?a=8020&b=0808&c=aaaa&d=0000&e=0000&f=0000&g=0000
Then you can retrieve this information easily in PHP:
$a = $_GET['a'];
$b = $_GET['b'];
...
And then pass it on to the database. (Even better, replace a, b, etc. with whatever the order actually means)
You could use htaccess and url rewriting to redirect all requests to a specific php in which you check the url. see:Rerouting all php requests through index.php
nevertheless I think using get/post or the request body is easier to send your data.
I'm learning about the function urlencode. Is it possible to use this on a file name? So - when you upload a file to your server and then use that file name later, you would be able to use it in a url?
$promotionpicture=$_FILES["promotionpicture"]["name"];
$promotionpicture=rawurlencode($promotionpicture);
Then later...
$imagesource="http://mysite.com/".$userID."/".$promotionpicture;
I'm trying to do this, but every time I navigate to the picture, i get a "Bad request" from my server. Is there a specific php encode function I should use? Or is this wrong all together? Thanks in advance for you help.
urlencode and similar functions are for making an HTTP friendly URL. You would want to keep the normal filename and then when printing the img src, use urlencode.
Note that this is not really the preferred way to do it as you can run into duplicate filenames and misc security issues. It's better to generate a filename for it using a uuid or timestamp or something, that way you can bypass those types of issues.
Pictures are really just raw data, like any other file. It is possible to do something like what you're doing, but not necessarily advisable.
If you want to do something like that, I recommend instead doing something to strip special characters.
$newfilename=preg_replace('/[^a-zA-Z0-9.]/','',$filename);
(from Regex to match all characters except letters and numbers)
That said, keep in mind what others have said. How will you handle file name collisions? Where will the images be stored and how?
One easy way to do this much more robustly is to store in a database the original file name and the MD5 hash. Save the file by its hash instead of by name, and write a script that retrieves the file by matching the original name to the MD5 using the database. If you store the file type, you can issue correct headers and when the user downloads the file or uses it to embed in a web page, it will retain its original name, or display as expected respectively.
I have a lot of records in the database, and each record will have an image, I'm pretty confused about how to store the images.
I want the access route to be something like /img/record-id.jpg (i.e. /img/15178.jpg).
Alright, storing all images inside /img/ isn't a good thing, because there will be many.
In this question it is suggested to reverse the name of the image, so the example above would be stored under /img/78/51/15178.jpg. The suggestion won't give further info (and for me it's not obvious) about other scenarios. What will happen (this is asked in the last comment for the answer) if the id is a low number like 5, 15, 128, 1517?
Leaving that aside, let's remember I want the path to be /img/15178.jpg. I'd redirect the request using Apache, but for that I'd have to type at least 3 or more rules for different id numbers:
^/img/(\d)(\.jpg)$ /img/$1$2
^/img/(\d\d)(\.jpg)$ /img/$1/$1$2
^/img/(\d\d)(\d\d)(\.jpg)$ /img/$1/$2/$3
And so on?
This doesn't seem to be a nice solution, although it would work just fine.
I could think of other option which is: take the MD5 of the image, store it in its respective record, redirect the request to a PHP script and let it take care of the output.
The script will look the MD5 for the id in the database, build the actual route out of the hash and output the image. This solution is neater, but it involves database and PHP to output an image, sounds like a little too much.
I really don't know what to do here. Mind giving me some advice?
You already have written the perfect answer ! Professionals use it exactly like you (or the guy in the linked question) says: Building a deep directory structure that fits your needs. I have done this with 16 million pictures, and it worked perfectly.
I did it like this:
/firstCharacter/secondCharacter/...
Files with short names, like 5.jpg, will be in /5/5.jpg
EDIT: to keep the performance on top, i'm totally against any further php actions, like salt, md5, etc. Keep it straight and simple.
I've setup a page with a number of categories and a filter system. However, I'd like users to be able to enter anchors into the URL so that they can simply visit, for example:
www.site.com/page#categoryA
To see simply Category A
This functions quite well, but doesn't allow for multiple anchors. The only solution I've come up with is to keep tacking on the visible categories to the anchor and process the string with jQuery, or is there a better way to do this?
It is also important that when a user clicks beyond this page, hitting the back button presents the categories in their previously chosen visible/invisible states.
This should be possible via hash changes similar to your current approach.
A good way of doing this could look something like this: www.site.com/page/#CategoryA,CategoryB,CategoryC,etc
Or, if you need to use named parameters, you could even do: www.site.com/page/#categories:CategoryA,CategoryB,CategoryC/tags:TagA,TagB,TagC,etc
The jQuery hashchange plugin can handle cross-browser hashchanges for you. A function call to your own code with some basic string parsing / regex checking should take care of the rest and create a nice object from which to read the passed-in values.
If i'm understand you right, you wanna make one page app?
Check here, maybe it is a solution for you http://microjs.com/#spa
I've been figuring out how to let apostrophe's cross URI's.
I'm building a site that allows users to "create photo albums". I have a link that when clicked, it will load and display all the contents of a certain album. I'm using codeigniter so this page is called this way:
http://www.fourthdraft.com/index.php/admin/manageAlbumContents/dan's/91
admin = controller
managealbums = function
dan's (album name) = variable
As you know, codeigniter does not allow apostrophe(') in uri's. My problems are:
If I htmlspecialchars/htmlentities
the album name it becomes &#xx;
Those new characters also not
allowed
If I url encode it becomes %xx. percent is allowed but codeigniter
urldecodes it before processing so
it just reverts back to apostrophe
I've tried making my own preg_replace ( ' => '~apos~' ) but i
just find it inefficient, too much
lines to run and tedious since I
have an 80% done website and the
strings I have to replace are
everywhere.
I've also considered using base64_encode. It takes more space
but it does the job. Then again, the
encoded version contains '=' which
is also disallowed
As much as possible I do not want to just add apostrophe in the allowed characters list in codeigniter's config file. I believe they don't have it there for a reason. At the same time, I'm running out of options.
The reason for wanting to allow apostrophe's is because in this context, it's bound to be used. For example, what if someone decided to put 'dan's birthday party' as an album name? It's bound to happen. and i'm pretty sure my users would complain. Even if I manage to convince them otherwise, what will i replace that with? dan_s birthday party? looks wrong. Also, if facebook can do it I should too. At the very least, if facebook did it, then that means there's a way.
If you guys have any suggestions, fire away. Otherwise I'm wondering if it's ok (and safe) to just allow apostrophe in the allowed URI characters. I know it's VERY dangerous for mysql which i use a lot but I just remembered codeigniter's query binding variables automatically escapes characters. I'm wondering if that would suffice and keep me safe.
Otherwise, please please please give me a good idea. I'm drained out
I like to believe that the days of mysql_query("SELECT * FROM table WHERE x={$_GET['val']}") are over. That being said, it's OK with any decent database library as long as you use parameter binding. So go ahead and use urlencode.