I need to get the values out of a URL query string like this:
http://exmaple.com/?xyz.123
And assign them to variables inside index.php running on example.com, so that:
$name = xyz;
$number = 123;
How do I code this?
Thanks!!
list($name,$number) = explode('.',$_SERVER['QUERY_STRING']);
You can parse it with the following, though it is ripe for injection unless you perform some validation/sanitization afterwards:
list($name, $number) = explode('.', $_SERVER['QUERY_STRING']);
What you want to do is take a look at $_SERVER['QUERY_STRING']. Explode the query string by . to get an array of values. You can then set up the appropriate variables. Keep in mind you'll also probably want to do some validation on the data to ensure it's in the format you need.
You'd need to setup a mod_rewrite rule first like this (untested)...
RewriteRule ^([a-zA-Z]+)\.([0-9]+)$ index.php?name=$1&number=$2
Then you could pull them out from $_GET in PHP.
Related
Consider a php script visited with URL of foo?q=some&s=3&d=new. I wonder if there is a paractical method for parsing the url to create links with new variable (within php page). For example foo?q=**another-word**&s=3&d=new or foo?q=another-word&s=**11**&d=new
I am thinking of catching the requested URL by $_SERVER['REQUEST_URI'] then parsing with regex; but this is not a good idea in practice. There should be a handy way to parse variables attached to the php script. In fact, inverse action of GET method.
The $_GET variable contains an already parsed array of the current query string. The array union operator + makes it easy to merge new values into that. http_build_query puts them back together into a query string:
echo 'foo?' . http_build_query(array('q' => 'another-word') + $_GET);
If you need more parsing of the URL to get 'foo', use parse_url on the REQUEST_URI.
What about using http_build_query? http://php.net/manual/en/function.http-build-query.php
It will allow you to build a query string from an array.
I'd use parse_str:
$query = 'q=some&s=3&d=new';
parse_str($query, $query_parsed);
$query_parsed['q'] = 'foo-bar';
$new_query = implode('&', array_map(create_function('$k, $v',
'return $k."=".urlencode($v);'),
array_keys($query_parsed), $query_parsed));
echo $new_query;
Result is:
q=foo-bar&s=3&d=new
Although, this method might look like "the hard way" :)
can anyone help me to play with GET urls for example I have a link like this:
?id=5&lang=1
So my question is how can I make this one:
?id=5,1
I don't want to show the &lang, only I want is that the &lang to replace with , "comma" can anyone help me?
You can use mod_rewrite to rewrite ?id=5,1 to ?id=5&lang=1 internally.
Otherwise, the value of id will be 5,1. Your application would then need to know that id contains more than the id. It could then parse out the language from the id. However, this will become confusing when you introduce more parameters.
Assuming you have already built the URL in the way you have specified, you can break the id field based on the comma and extract the real id and lang field
$urlPieces = explode(",", $_GET['id']);
$id = $urlPieces[0];
$lang = $urlPieces[1];
You are able to do this, but it's not very clean, in terms of the proper $_GET variable values. The solution automatically type casts the values to integers:
sscanf($_GET['id'], '%d,%d', $id, $lang);
// $id = int(5)
// $lang = int(1)
Two solutions:
Firstly, you could simply reformat the parameters when they arrive in your PHP program. With ?id=5,1, you'll get a PHP $_GET array with id '5,1'. This you can simply split using the explode() function to get the two values you want.
The second solution is to use the Apache mod_rewrite feature, to modify the URL arguments before they arrive at PHP. For this, you'll need to understand regular expressions (regex), as mod_rewrite uses this for it's work. You should google 'mod_rewrite' and 'regex' to find out more.
However mod_rewrite is typically used to get rid of GET arguments entirely. For example the URLs of the questions on this site do not have any get arguments, but the server translates the arguments between the slashes into GET arguments. This is considered better practice than simply than changing how the arguments look, as it is more user-friendly and SEO friendly.
Hope that helps.
$id = $id . ',' . $lang;
<a href="?<?php echo $id; ?>">
(NOTE: This is a follow up to a previous question, How to pass an array within a query string?, where I asked about standard methods for passing arrays within query strings.)
I now have some PHP code that needs to consume the said query string- What kind of query string array formats does PHP recognize, and do I have to do anything special to retrieve the array?
The following doesn't seem to work:
Query string:
?formparts=[a,b,c]
PHP:
$myarray = $_GET["formparts"];
echo gettype($myarray)
result:
string
Your query string should rather look like this:
?formparts[]=a&formparts[]=b&formparts[]=c
If you're dealing with a query string, you are looking at the $_GET variable. This will contain everything after the ? in your previous question.
So what you will have to do is pretty much the opposite of the other question.
$products = array();
// ... Add some checking of $_GET to make sure it is sane
....
// then assign..
$products = explode(',', $_GET['pname']);
and so on for each variable. I must give you a full warning here, you MUST check what comes through the $_GET variable to make sure it is sane. Otherwise you risk having your site compromised.
I'm trying to change a variable name in a query string, so it's usable by my PHP code.
The query gets posts from an external system, so I can't control that they are posting a variable name with a space in it. And that makes it impossible for me to use the PHP $_GET function.
I need to change variable%20name to ?new1
And I need to change variable2 to new2
There are many variables passed in the query, but only these two need to be changed. The rest can stay the same or even disappear.
So ?variable%20name=abc&variable2=xyz
Needs to end up as ?new1=abc&new2=xyz
Also, they may not be in this order and there may be more variables
So ?variable%20name=abc&blah=123&blah2=456&variable2=xyz
Could end up as ?new1=abc&new2=xyz
OR as ?new1=abc&blah=123&blah2=456&new2=xyz
Either way would be fine!
Please give me the mod_rewrite rule that will fix this.
Thank you in advance!
Parsing the query string with mod_rewrite is a bit of a pain, has to be done with RewriteCond and using %n replacements in a subsequent RewriteRule, probably easier to manually break up the original query string in PHP.
The full query string can be found (within PHP) in $_SERVER['QUERY_STRING'].
You can split it up using preg_split() or explode(), first on &, then on =, to get key/value pairs.
Using custom%20cbid=123&blahblahblah&name=example as an example.
$params = array();
foreach (explode("&", $_SERVER['QUERY_STRING']) as $cKeyValue) {
list ($cKey, $cValue) = explode('=', $cKeyValue, 2);
$params[urldecode($cKey)] = urldecode($cValue);
}
// Would result in:
$params = array('custom cbid' => 123,
'blahblahblah' => NULL,
'name' => example);
I have done urlencode of the variable before passing to the URL
http://example.com/Restaurants?alias=F%26B
But when I try to print like in the page
$alias = rawurldecode($_GET['alias']);
echo $alias;
it prints only F. How to solve this?
I doubt that $_GET['alias'] exists when requesting a URL with the query aliasF%26B. It’s rather $_GET['aliasF&B'] that’s getting populated.
In this case you need to use $_SERVER['QUERY_STRING'] to get the full query.
It looks like you are not using the query string "correctly." It should be in key=value pairs. I would look at using $_SERVER['QUERY_STRING'] to get your information instead.
You don't need to urlencode the pair. You only need to urlencode name and a value as such:
Wrong:
urlencode('aliasF=B')
Correct:
urlencode('aliasF') . '=' . urlencode('B')
AFAIK $_GET are already decoded.
See php.net
The superglobals $_GET and $_REQUEST
are already decoded. Using urldecode()
on an element in $_GET or $_REQUEST
could have unexpected and dangerous
results.
It is possible to solve this problem by using a different encoding system specific for your situation:
function encode($string)
{
$result = str_replace("|","||",$string);
return str_replace("&","|20",$result);
}
function decode($string)
{
$result = str_replace("|20","&",$string);
return str_replace("||","|",$result);
}
This will basically create a separate escaping system using the '|' character. That character can be anything you normally don't use and isn't an field separator.
Here, Apache won't transform the URL to something different, thus voiding the conversion. Also browsers won't transform it.
Mind that you would decode($_GET['alias']) and encode() the url that the user is pressing or the script is following.