I am trying to send a variable from a Javascript to a php script but what gets sent is just the first string and the rest is discarded.Dont know what i would be doing wrong.
Here is my code:
<script type="text/javascript">
document.write(<li><a href=../../../../projects/sungrant/view/HistoricalCategory2.php?category=Historical Category 2>Historical Category 2 </a></li>)
</script>
My $_GET['category'] at the server side only prints Historical? Dont know what i may be missing or if there is a better way of passin data from a Javascript to PHP,i will appreciate.
Either wrap your href attribute value in quotes or change the spaces to %20.
href="../../../../projects/sungrant/view/HistoricalCategory2.php
?category=Historical Category 2"
or
href=../../../../projects/sungrant/view/HistoricalCategory2.php
?category=Historical%20Category%202
The reason it doesn't work with spaces is that in valid HTML, attributes are separated by spaces. If you need to use spaces in a HTML attribute value, make sure you wrap the string with quotes. If it's a URL, the browser will do the necessary URL encoding for you.
The problem is with your URL - you havent encoded the spaces so it only picks up the first variable
../../../../projects/sungrant/view/HistoricalCategory2.php?category=Historical Category 2
should be
../../../../projects/sungrant/view/HistoricalCategory2.php?category=Historical+Category+2
or
../../../../projects/sungrant/view/HistoricalCategory2.php?category=Historical%20Category%202
Related
I can't figure out why my php processing script stops when it encounters a special character in a tinymce textarea.
example if I type foo and submit, fine...no problems but if I type foo<<<, it stops after foo when I submit
the editor is creating the html entities and sending them through ajax
getting the content with
var c = tinyMCE.get('content').getContent();
and sending the content
ajax.send("action=edit_content&c="+c+"&id="+id);
and I can see in firebug that the string is being passed
action=edit_content&c=<p>foo <<<</p>&id=8
and the php is really nothing special at all, just set that post to a var
is it maybe because of the & in the < ? maybe it thinks that is actually another post parameter?
I am still getting my feet wet when it comes to ajax. If I am correct on my assumption, how do I fix that?
You have the right idea. The ampersand is breaking the URL string.
In order to fix breaking characters, you have to escape the string.
Try this:
ajax.send("action=edit_content&c="+escape(c)+"&id="+id);
You probably won't have to (because Apache will do it for you), but if necessary, you can also unescape the string on the PHP side using urldecode:
<?php echo urldecode($_GET['c']); ?>
I am trying to do a query string in html.
String that I want to pass is "Book Cover".
But I only managed to get Book.
How should I go about doing it?
Below is my code:
<a href=book.php?category=Book Cover>Book Cover</a>
You need to encode all your query string vars, For example with rawurlencode / rawurldecode
Book Cover
And in PHP:
$category = rawurldecode($_POST['category']);
In HTML the value stops at the space:
<a href=book.php?category=Book Cover>Book Cover</a>
^
If you want to include a space inside a value in HTML you need to add quotes:
Book Cover
^ ^
In HTML both single and double quotes are allowed.
Now the value itself has a problem, too:
book.php?category=Book Cover
`- URL stops here.
This is a relative HTTP URL and as for any HTTP URL the space character is a special value. It can normally not be part of the URL, therefore you need to encode it. This can be done as with any other special character in a HTTP URL with triplet encoding / percentage-encoding replacing the binary value of the character(s) with their hexadecimal number:
book.php?category=Book%20Cover
For the space you have, historically it is even a special-case, you can also encode it with the plus sign.
The later problem is often dealt with by the user agents, but the quotes in HTML are needed otherwise the value gets cut.
And it is generally good practice to place attribute values in HTML inside (double) quotes. So I suggest you to do that.
Why not convert to UTF-8 before encoding?
urlencode(utf8_encode($string));
Looks like you are missing double quotes
Book Cover
I am trying to add a user-defined string to information passed to a third party via href. So I have something that will look like
Link Text
USERSTRING is known when the page loads so it could be put in the href by php when the page loads, or I can dynamically add it with javascript.
What I don't know is what I need to do to escape any special characters so that the link works and can be read on the other end - USERSTRING could be something really annoying like: [He said, "90% isn't good enough?"] The data is only used in an auto-generated file name so it doesn't need to be preserved 100%, but I'm trying to avoid gratuitous ugliness.
The urlencode() function provides exactly what you are looking for, ie:
Link Text
You need to urlencode it. If the variant of urlencode you end up using doesn't encode '&', '#', '"', and angle brackets as it should then you'll need to HTML encode it too.
I wrote a script that when you enter a textbox, it will open an invisible iframe to a .php file with $_GET of what they wrote into the textbox.
However, for example, if I type: '<3' in it, this is what happens.
PHP determins that the $_GET[s] is blank! Users cant put a simple <3 symbol without getting that error.
Another problem is quotes, if I write any quotes, it will end the entire SRC property.
What should I do? Should I do something with javascript, or even PHP? Please let me know!
Thanks!
Use urlencode to encode the inputted string into a valid one for URL use.
Also be very cautious when allowing user input into your PHP script through the URL. Make sure you do proper checks/sanitization, especially if database operations are involved.
It looks like your iframe is generated by JavaScript, so all those answers that include PHP functions are useless. The data isn't even reaching PHP, so how can any PHP function hope to help?
Instead, try using urlencode from PHPJS, since none of JS's functions really handle all cases well, and this makes it easy for you to use PHP's urldecode to retrieve the data.
You need to encode that character as <.
Regarding double quotes, you can use this trick.
attr='Your string can "contain double quotes"'
or
attr="Your string can 'contain double quotes'"
but while specifying variable=values in url, you don't need to user double quotes, you can directly assign the values.
like
url="test.php?var1=123&var2=345"
rest about sending the <3 characters, you can check for url encoding in javascript & PHP whichever applicable!
I have made one form in which there is rich text editor. and i m trying to store the data to database.
now i have mainly two problem..
1) As soon as the string which contents "#"(basically when i try to change the color of the font) character, then it does not store characters after "#". and it also not store "#" character also.
2) although i had tried....in javascript
html.replace("\"","'");
but it does not replace the double quotes to single quotes.
We'll need to see some code. My feeling is you're missing some essential escaping step somewhere. In particular:
As soon as the string which contents "#"(basically when i try to change the color of the font) character
Implies to me that you might be sticking strings together into a URL like this:
var url= '/something.php?content='+html;
Naturally if the html contains a # symbol, you've got problems, because in:
http://www.example.com/something.php?content=<div style="color:#123456">
the # begins a fragment identifier called #123456">, like when you put #section on the end of a URL to go to the anchor called section in the HTML file. Fragment identifiers are purely client-side and are not sent to the server, which would see:
http://www.example.com/something.php?content=<div style="color:
However this is far from the only problem with the above. Space, < and = are simly invalid in URLs, and other characters like & will also mess up parameter parsing. To encode an arbitrary string into a query parameter you must use encodeURIComponent:
var url= '/something.php?content='+encodeURIComponent(html);
which will replace # with %35 and similarly for the other out-of-band characters.
However if this is indeed what you're doing, you should in any case you should not be storing anything to the database in response to a GET request, nor relying on a GET to pass potentially-large content. Use a POST request instead.
It seems that you are doing something very strange with your database code. Can you show the actual code you use for storing the string to database?
# - character is a common way to create a comment. That is everything starting from # to end of line is discarded. However if your code to store to database is correct, that should not matter.
Javascript is not the correct place to handle quote character conversions. The right place for that is on server side.
As you have requested....
I try to replay you... I try to mention exact what I had done...
1) on the client side on the html form page I had written like this..
html = html.trim(); // in html, the data of the rich text editor will come.
document.RTEDemo.action = "submit.php?method='"+ html.replace("\"","'") + "'";
\\ i had done replace bcz i think that was some problem with double quotes.
now on submit.php , my browser url is like this...
http://localhost/nc/submit.php?method='This is very simple recipe.<br><strong style='background-color: #111111; color: #80ff00; font-size: 20px;">To make Bread Buttor you will need</strong><br><br><blockquote><ol><li>bread</li><li>buttor</li></ol></li></blockquote><span style="background-color: #00ff80;">GOOD.</span><br><br><br><blockquote><br></blockquote><br>'
2) on submit.php ........I just write simply this
echo "METHOD : ".$_GET['method'] . "<br><br>";
$method = $_GET['method'];
now my answer of upper part is like this...
METHOD : 'This is very simple recipe.
now i want to store the full detail of URL....but its only storing...
This is very simple recipe.