When I output $_SERVER['REQUEST_URI']; on:
http://localhost/tools/?tool=cs&sub=1
I get:
/tools/?tool=cs⊂=1
Is there other solution to get /tools/?tool=cs&sub=1 besides using & instead of & ?
It's because you're echoing it to your browser - &sub is being interpreted as an HTML entity (⊂).
If you echo htmlentities($_SERVER['REQUEST_URI']); you'll get what you expect.
You have to use the right encoding for the environment you're in - in HTML that means using &.
try this
echo urldecode($_SERVER['REQUEST_URI']);
How are you outputting this value? If you're dumping it to the browser, are you sure it's not trying to 'decode' embedded ampersands?
Try a file with just
<?php phpinfo();
and look to see what the value is displayed as (near the bottom)
Related
I want to use the GET method to send a string to the receive page, but if the string includes '#', the receiver page can only get the sub string before the '#'.
As the following example:
test
When I click the 'test' link to open the 'test.php' page, which has the following code:
<?php
if(isset($_GET["q"])) {
echo $_GET["q"];
}
?>
It only display 'string1' on the page, '#string2' is missing.
So I want to know what happened to the string, and how to fix this problem.
Thank you for any help!
=======Update===========
With the help of #Eric Shaw and #JP Dupéré, I know how to fix this problem.
The simplest way is encoding the string before using the get method.
To encode the query string, you can:
use urlencode() in PHP, and urldecode() can decode the string.
use encodeURIComponent() in JavaScript, and decodeURIComponent() can decode the string.
Try
urlencode("string1#string2")
before calling GET.
The #foo is used to jump to an <a name="foo"/> tag on the page, rather than viewing the top of the page when the browser loads it.
The stuff after the # is processed by the browser and NOT sent to the server.
You can escape the # and the escaped version will be sent to the server, i.e.
test
will do what you want I think
This escaping is also a common technique to get the # passed along in the URL for redirectors.
I have a php variable $username and following script:
<?php
echo ''.$username.'';
?>
If $username contains something <b it bolds text. How can I prevent that?
Use htmlspecialchars
echo ''.htmlspecialchars($username).'';
See documentation: http://php.net/manual/en/function.htmlspecialchars.php
echo ''.htmlentities($username).'';
like that:
<?php
echo ''.htmlspecialchars($username).'';
?>
http://php.net/manual/fr/function.htmlspecialchars.php
the echo in PHP returns the HTML of whatever you tell it should. So if you use e.g.
echo "This is my text which should be displayed as it is <b>";
the browser will translate it into the according HTML Text (every browser has built in mechanics to "repair" malformed HTML), which will be
<b>This is my text which should be displayed as it is</b>
This is not only wrong, but also a security risk. Imagine someone uses an extremely long name which would translate into javascript once the browser renders it. Your server would turn into a spambot machine.
To prevent this from happening, you have to use the according php function, which is htmlspecialchars() (or htmlentities();
So your code will be:
echo ''.htmlspecialchars($username).''
and it will display the name as intended.
You need to strip (remove) HTML tags from the string.
echo '' . strip_tags($username) . '';
http://php.net/manual/en/function.strip-tags.php
I currently working on PHP and at some part of code I generate URL string. I set the GET parameter to currencyCode. But before I add &. So, at result I must get ¤cyCode but get ¤cyCode.
How do I fix it?
You need to create url this way using urlencode() function:
<?php
echo 'http://example.com/'.urlencode('¤cyCode');
I also think that your main problem is with displaying it. You should use:
echo htmlspecialchars('¤cyCode');
to display it.
Otherwise it seems browser change the first part of this string into: ¤ entity so you get something like that ¤cyCode and what makes you have display ¤ symbol what is ¤ and the rest of string cyCode
You should use urlencode() function in php to encode the url. Your code should look like this
<?php
echo 'http://yoursitename.com/'.urlencode('¤cyCode');
This should be incredibly simple but i can't seem to figure it out.
I have the following code
<?php
$bookingid='12345';
include_once('phpToPDF.php') ;
//Code to generate PDF file from specified URL
phptopdf_url('https://google.com/','pdf/', $bookingid.pdf);
echo "<a href='pdf/$bookingid.pdf'>Download PDF</a>";
?>
It echo's correctly however when it comes to generate the pdf...
phptopdf_url('https://google.com/','pdf/', $bookingid.pdf);
...it misses out the fullstop so it generates 12345pdf whereas it should be 12345.pdf.
Again, i apologise for the probable simplicity of this but i can't seem to figure it out.
$bookingid.pdf
It tells php to concatenate variable $bookingid with constant pdf. Since constant pdf is undefined, it is casted to string and concatenated. Proper code will look like:
$bookingid . '.pdf'
or
"$bookingid.pdf"
This should be
$bookingid.".pdf"
PHP is seeing a string concatenation, concatenating pdf' to $booking. pdf is an undefined string, so PHP helpfully assumes that you mean the text itself, but it misses the full stop you also need.
Okay so I have a php script and I need to somehow view the value of one of my variables. The thing is this variable is a very long string of XML that got returned from a server. I know it has an error message in it but I need to actually see what it is saying. If I try and Print or echo the value it only displays part followed by a ... or if I use var_dump it does the same. I've even gone as far as trying to echo a javascript alert with the value but that fails because there are single and double quotes in the xml causing the alert quotes not to be recognized correctly. I just need to see the value of this variable. Any advice? Thanks.
Edit:
Actually said that wrong. Echo and print don't display the value correctly because the tags are in <> brackets so it is recognizing as an html tag.
You can use htmlentities to output the XML string so that you can get a plaintext view of it in a browser.
<?php echo htmlentities( $xml_string); ?>
Alternatively, you can parse the XML string to reveal the error message, but this may be more complicated than what you need.
Try echo htmlentities($var, ENT_COMPAT, 'UTF-8')
i always use this:
echo "<pre>". htmlentities($s) . "</pre>";
Try this:
echo '<pre>'.$xml_string.'</pre>';
See also:
CDATA - (Unparsed) Character Data
i usaly use:
echo nl2br(str_replace('<', '<', $xml));
as its only the < that are a problem
You could just save the XML string to a file. If it's well-formed XML, you can view it with every browser (and expand/collapse nodes ^^).