Re: [PHP] URLencode issues - halp! - code included
besides urlencode you should also use htmlspecialchars SpyProductions Support Team wrote: Here is some code: From a form, I get username as $name and it goes to the processing file for the form, where a sale happens and it sends the code to a different server like this: $data = urlencode($name); print META HTTP-EQUIV='refresh' CONTENT='0;URL=http://somedestination.php?name=$data'; That server then processes the person and puts them into the MySQL - but if the name is bad, it errors out and stops the script: $name = urldecode($name); if(!$name) { print You entered an invalid name. Please stop and call us at; } else { Inserts record into database. } That's it. It doesn't seem to matter what the name entered is; there is no rhyme or reason (seemingly) to the names it fails on (as per my previous post). urlencode may just be a flaky thing to use? Perhaps depending on the browser? Thanks, -Mike -Original Message- From: David T-G [mailto:[EMAIL PROTECTED]] Sent: Thursday, January 23, 2003 3:31 PM To: PHP General list Cc: SpyProductions Support Team Subject: Re: [PHP] URLencode issues - halp! Mike -- ...and then SpyProductions Support Team said... % % I am having some issues, apparently, with URL encode. ... % % I decided to use this because people are allowed to use *any* key as part of % their name, so a name like rt'$%^*'rt is perfectly allowable. Makes sense, but I'd use base64_encode (with base64_decode, of course) rather than urlencode; it will properly shield everything. No, I don't know why 'normal' names fail and goofy ones don't; without some code and some specific examples we can't really tell too well :-) HTH HAND :-D -- David T-G * There is too much animal courage in (play) [EMAIL PROTECTED] * society and not sufficient moral courage. (work) [EMAIL PROTECTED] -- Mary Baker Eddy, Science and Health http://justpickone.org/davidtg/ Shpx gur Pbzzhavpngvbaf Qrprapl Npg! -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
RE: [PHP] URLencode issues - halp! - code included
Here is some code: From a form, I get username as $name and it goes to the processing file for the form, where a sale happens and it sends the code to a different server like this: $data = urlencode($name); print META HTTP-EQUIV='refresh' CONTENT='0;URL=http://somedestination.php?name=$data'; That server then processes the person and puts them into the MySQL - but if the name is bad, it errors out and stops the script: $name = urldecode($name); if(!$name) { print You entered an invalid name. Please stop and call us at; } else { Inserts record into database. } That's it. It doesn't seem to matter what the name entered is; there is no rhyme or reason (seemingly) to the names it fails on (as per my previous post). urlencode may just be a flaky thing to use? Perhaps depending on the browser? Thanks, -Mike -Original Message- From: David T-G [mailto:[EMAIL PROTECTED]] Sent: Thursday, January 23, 2003 3:31 PM To: PHP General list Cc: SpyProductions Support Team Subject: Re: [PHP] URLencode issues - halp! Mike -- ...and then SpyProductions Support Team said... % % I am having some issues, apparently, with URL encode. ... % % I decided to use this because people are allowed to use *any* key as part of % their name, so a name like rt'$%^*'rt is perfectly allowable. Makes sense, but I'd use base64_encode (with base64_decode, of course) rather than urlencode; it will properly shield everything. No, I don't know why 'normal' names fail and goofy ones don't; without some code and some specific examples we can't really tell too well :-) HTH HAND :-D -- David T-G * There is too much animal courage in (play) [EMAIL PROTECTED] * society and not sufficient moral courage. (work) [EMAIL PROTECTED] -- Mary Baker Eddy, Science and Health http://justpickone.org/davidtg/ Shpx gur Pbzzhavpngvbaf Qrprapl Npg! -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] URLencode issues - halp! - code included
Take the $name = urldecode($name); bit out. The decoding is all handled by PHP before your script runs. Also, you should look into using $_GET['name'] instead of $name. SpyProductions Support Team wrote: Here is some code: From a form, I get username as $name and it goes to the processing file for the form, where a sale happens and it sends the code to a different server like this: $data = urlencode($name); print META HTTP-EQUIV='refresh' CONTENT='0;URL=http://somedestination.php?name=$data'; That server then processes the person and puts them into the MySQL - but if the name is bad, it errors out and stops the script: $name = urldecode($name); if(!$name) { print You entered an invalid name. Please stop and call us at; } else { Inserts record into database. } That's it. It doesn't seem to matter what the name entered is; there is no rhyme or reason (seemingly) to the names it fails on (as per my previous post). urlencode may just be a flaky thing to use? Perhaps depending on the browser? Thanks, -Mike -Original Message- From: David T-G [mailto:[EMAIL PROTECTED]] Sent: Thursday, January 23, 2003 3:31 PM To: PHP General list Cc: SpyProductions Support Team Subject: Re: [PHP] URLencode issues - halp! Mike -- ...and then SpyProductions Support Team said... % % I am having some issues, apparently, with URL encode. ... % % I decided to use this because people are allowed to use *any* key as part of % their name, so a name like rt'$%^*'rt is perfectly allowable. Makes sense, but I'd use base64_encode (with base64_decode, of course) rather than urlencode; it will properly shield everything. No, I don't know why 'normal' names fail and goofy ones don't; without some code and some specific examples we can't really tell too well :-) HTH HAND :-D -- David T-G * There is too much animal courage in (play) [EMAIL PROTECTED] * society and not sufficient moral courage. (work) [EMAIL PROTECTED] -- Mary Baker Eddy, Science and Health http://justpickone.org/davidtg/ Shpx gur Pbzzhavpngvbaf Qrprapl Npg! -- The above message is encrypted with double rot13 encoding. Any unauthorized attempt to decrypt it will be prosecuted to the full extent of the law.
RE: [PHP] URLencode issues - halp! - code included
So what is the decode part for then? Earlier versions of PHP? :) Thanks, -Mike -Original Message- From: Leif K-Brooks [mailto:[EMAIL PROTECTED]] Sent: Thursday, January 23, 2003 4:43 PM To: [EMAIL PROTECTED] Cc: [EMAIL PROTECTED] Subject: Re: [PHP] URLencode issues - halp! - code included Take the $name = urldecode($name);bit out. The decoding is all handled by PHP before your script runs. Also, you should look into using $_GET['name'] instead of $name. SpyProductions Support Team wrote: Here is some code: From a form, I get username as $name and it goes to the processing file for the form, where a sale happens and it sends the code to a different server like this: $data = urlencode($name); print META HTTP-EQUIV='refresh' CONTENT='0;URL=http://somedestination.php?name=$data'; That server then processes the person and puts them into the MySQL - but if the name is bad, it errors out and stops the script: $name = urldecode($name); if(!$name) { print You entered an invalid name. Please stop and call us at; } else { Inserts record into database. } That's it. It doesn't seem to matter what the name entered is; there is no rhyme or reason (seemingly) to the names it fails on (as per my previous post). urlencode may just be a flaky thing to use? Perhaps depending on the browser? Thanks, -Mike -Original Message- From: David T-G [mailto:[EMAIL PROTECTED]] Sent: Thursday, January 23, 2003 3:31 PM To: PHP General list Cc: SpyProductions Support Team Subject: Re: [PHP] URLencode issues - halp! Mike -- ...and then SpyProductions Support Team said... % % I am having some issues, apparently, with URL encode. ... % % I decided to use this because people are allowed to use *any* key as part of % their name, so a name like rt'$%^*'rt is perfectly allowable. Makes sense, but I'd use base64_encode (with base64_decode, of course) rather than urlencode; it will properly shield everything. No, I don't know why 'normal' names fail and goofy ones don't; without some code and some specific examples we can't really tell too well :-) HTH HAND :-D -- David T-G * There is too much animal courage in (play) [EMAIL PROTECTED] * society and not sufficient moral courage. (work) [EMAIL PROTECTED] -- Mary Baker Eddy, Science and Health http://justpickone.org/davidtg/ Shpx gur Pbzzhavpngvbaf Qrprapl Npg! -- The above message is encrypted with double rot13 encoding. Any unauthorized attempt to decrypt it will be prosecuted to the full extent of the law.
RE: [PHP] URLencode issues - halp! - code included
--- SpyProductions Support Team [EMAIL PROTECTED] wrote: So what is the decode part for then? Earlier versions of PHP? No, it is for decoding URL-encoded strings, just as you would expect. The reason you do not need to decode URL variables is because they are not URL-encoded by the time your script executes. Chris -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php