I am passing an encrypted string in the url and then using php $_GET to retrieve it but i am having some problems with let me write the url first to make it more sense
http://localhost/marketplace/test.php?sortid=Cd2&V0reSzN$NBh^tjcF!%3CfsAAhIU%28%3C
if you will notice i have an ampersand sign in the middle of the string so when i am echoing out $_GET it is breaking the value after ampersand sign Ex
echo $_GET['sortid'];
and the result i am getting is Cd2 and it is not reading anything after ampersand sign , the problem i can figure out is that php will read the everything as a different parameter after '&' sign while using $_GET
But i have no idea on how to fix this
Thanks
This is happening because ampersand sign has a special meaning in query strings. The behaviour you are experiencing is perfectly normal and expected.
If you want to pass GET parameters that include special characters you should properly encode them using urlencode or alternatively something like base64 encode.
by URL creating, replace ampersand with %26, it will do the trick.
Alternately, encode your encoded string with base64 again, then you have no ampersand.
Related
I have a string of Characters that is passed in a URL.
The string happens to contain a group of characters that is equivalent to an ASCII code.
When I try to use the string on the page using the $_GET command, it converts the part of the string that is equivalent to the ASCII code to the ASCII code instead of passing the actual string.
For example the URL contains a string Name='%bert%'. But when I echo out $_GET['Name'] I get '3/4rt%' instead of '%bert%'. How can I get the actual text?
You're not escaping your data properly.
If you want to use %bert% in a URL, you need to encode your % as %25, making your query string value %25bert%25.
% in a URL means that the next two characters are going to be some encoded entity, so if you want to use it literally, it must be encoded this way.
You can read more information here: http://www.blooberry.com/indexdot/html/topics/urlencoding.htm
try passing Name='%25bert%25' instead of Name='%bert%'.
Note: %25 acts as escape character for % is url query string!
I have the following URL
http://localhost:8777/business.php?id=Mobiles and Tablets
When I am passing "and" in id it is redirecting me to the desired page but when I am passing
http://localhost:8777/business.php?id=Mobiles & Tablets
& i.e. ampersand in id it is giving 404 error.
My PHP Code is like this:
<? echo $cat;?>
You have to use urlencode() in your php code.
<? echo $cat;?>
It will generate link like:
http://localhost:8777/business.php?id=Mobiles+%26+Tablets
Space will be converted to +, and & will be converted to %26
use php urlencode()
This function is convenient when encoding a string to be used in a query part of a URL, as a convenient way to pass variables to the next page.
And use urldecode() to decode your encoded argument
Decodes any %## encoding in the given string. Plus symbols ('+') are decoded to a space character.
I have a string has encrypted but with some symbol qwfKOEK==dwk&f
What if I need pass this string to a parameter:
www.example.php?string=qwfKOEK==dwk&f
$_GET["string"]
But I can’t get the string cause the symbol interrupt it.
Anyway to escape the symbol?
I had try html_entity_decode but seems not working, any possible way to escape the symbol and $_GET the original string?
A URL value needs to be URL encoded using urlencode or rawurlencode.
The difference between the two is two slightly different standards for encoding, whereby the rawurlencode variant is generally preferred.
If you try to put this sting in a GET parameter, definitely it'll not be accepted as it explodes at "=" sign. You can try passing the same though a POST parameter or try changing the encryption technique. I hope this may solve the problem. plus, html_entity_decode() doesnt apply to "=" sign.
I want to pass any text as a get parameter to a php script. For know I just append the text this way:
action.php?text=Hello+my+name+is+bob
This url is composed by javascript and I do a ajax request with this url.
In action.php I do
$encoded = array_map('rawurlencode', $_GET);
But this does not work for special chars like ÖÄüä.
Any idea how to solve this?
url_encode(string) will return the given string with special characters converted into %XX format.
http://us3.php.net/manual/en/function.urlencode.php
I know you can send special characters fine without encoding through $_POST, which is another alternative
try with url_encode().........
While looking over the doc's for urldecode() I came across this note:
The superglobals $_GET and $_REQUEST
are already decoded. Using urldecode()
on an element in $_GET or $_REQUEST
could have unexpected and dangerous
results.
This is the reason why a get variable with the value of %26 ends up being &. Are there any other auto-magical decode routines other than urldecode()? Perhaps decoding that is only done because of configuration or negotiation?
GET parameter decoding works actually in this sequence:
explode("&", $QUERY_STRING)
strtok("=") to split names from value
urldecode() on name and value
strtr(".", "_", $name) - non-alphanumeric characters mostly stripped from var names (a GET parameter &x.y= becomes $_GET["x_y"])
expanding of [] array names
addslashes() on values if magic quotes were enabled - this is the only part that's configurable
When decoding POST parameters in multipart/form-data a charset= could be set individually for each field. But I have a hunch that PHP doesn't respect that.
That is all. AFAIK
While no longer really an issue in the later builds of PHP, GET POST & COOKIES used to have quotes automatically escaped... See here for more info: http://php.net/manual/en/security.magicquotes.php