+ Post New Thread
Results 1 to 10 of 10
Coding Thread, HTML Escaping URL Get in Coding and Web Development; I'm probably not doing something really simple but at 2am my brain is just fried! The following code is part ...
  1. #1

    Join Date
    Dec 2008
    Posts
    197
    Thank Post
    7
    Thanked 32 Times in 18 Posts
    Rep Power
    18

    HTML Escaping URL Get

    I'm probably not doing something really simple but at 2am my brain is just fried!

    The following code is part of a filtering review form:

    Code:
    <input name="url" value="<?php echo $_GET['url']; ?>" id="url" size="40" /></font></td>
    the above section of the code is intended to capture the url section of the current web address. This a long with a couple of other variables are posted from a cgi script. e.g. an example web address for the form:

    Code:
    http://10.xx.xxx.xx/~BlockedWWW/cpreview/submitreview.php?user=testuser&url=http://www.google.co.uk/search?hl=en&q=proxy&meta=&ipaddr=10.xx.xxx.xx&type=redlist
    Unfortunately because of the way Google and some other websites work they actually use &'s in the url which doesn't help matters for my form. So when the form grabs the value it ends up as
    Code:
    http://www.google.co.uk/search?hl=en
    and then &q=*query* + &meta=*meta* becom like additional posted values - if you like.

    I imagine I need to do some html escaping in my coding to replace the &'s from the url section of the web address. I can move the url string to the end of the address so it doesn't interfere with any other values. Am hitting a bit of a brick wall - little help how I can achieve getting the form to grab the proper url string value?
    Last edited by NeoPlosive; 18th February 2009 at 09:36 AM.

  2. #2

    vikpaw's Avatar
    Join Date
    Sep 2006
    Location
    Saudi Arabia
    Posts
    5,843
    Thank Post
    671
    Thanked 1,381 Times in 1,143 Posts
    Rep Power
    349
    it's early and i can't think straight either, php not a strong point, but,
    can't you grab the whole url string from address bar not just the posted variable 'url'. then find 'url' and extract from 'url's position to end of line?

  3. #3

    vikpaw's Avatar
    Join Date
    Sep 2006
    Location
    Saudi Arabia
    Posts
    5,843
    Thank Post
    671
    Thanked 1,381 Times in 1,143 Posts
    Rep Power
    349

    Lightbulb

    Ok, so in the office now, this is ripped from some code i've got on the intranet.

    The following will display the query string i.e. everything after the question mark, on screen. You can put that in a variable and parse for data after URL. It's not the most elegant and i'm sure there's a way to pull back the lot using GET_ because it is an array command after all (i think).

    Code:
     
    <?php echo $_SERVER['QUERY_STRING'];?>

  4. #4

    Join Date
    Aug 2005
    Location
    London
    Posts
    3,154
    Thank Post
    114
    Thanked 527 Times in 450 Posts
    Blog Entries
    2
    Rep Power
    123
    Don't completely understand what you're trying to do but it looks like what ASP does using "htmlencode" - googling for that with PHP found this page which suggests that "htmlspecialchars" might do the tidying you need.

  5. #5

    Join Date
    Dec 2008
    Posts
    197
    Thank Post
    7
    Thanked 32 Times in 18 Posts
    Rep Power
    18
    Quote Originally Posted by vikpaw View Post
    Ok, so in the office now, this is ripped from some code i've got on the intranet.

    The following will display the query string i.e. everything after the question mark, on screen. You can put that in a variable and parse for data after URL. It's not the most elegant and i'm sure there's a way to pull back the lot using GET_ because it is an array command after all (i think).

    Code:
     
    <?php echo $_SERVER['QUERY_STRING'];?>
    Thanks will take a look.

  6. #6

    Join Date
    Dec 2008
    Posts
    197
    Thank Post
    7
    Thanked 32 Times in 18 Posts
    Rep Power
    18
    Quote Originally Posted by srochford View Post
    Don't completely understand what you're trying to do but it looks like what ASP does using "htmlencode" - googling for that with PHP found this page which suggests that "htmlspecialchars" might do the tidying you need.
    Was playing around with htmlspecialchars last night - could have just been too late for me to comprehend how to code properly. Shall give it another go today.

  7. #7

    Join Date
    Dec 2008
    Posts
    197
    Thank Post
    7
    Thanked 32 Times in 18 Posts
    Rep Power
    18
    Have edited my main post with a bit more detail - should make more sense now after some sleep

    Guess I better get up for work too

  8. #8

    Join Date
    Oct 2008
    Location
    Gosport
    Posts
    64
    Thank Post
    1
    Thanked 18 Times in 13 Posts
    Rep Power
    15
    If I've understood correctly, you're asking the user to enter a url which you later want to use in your feedback form. Sending this through GET will confuse things because any query string in the url will be interpreted as a query string for the current page. I don't think you can encode the value on form submission (to make the $_GET['url'] not stop on the first "&" thinking it's reached the end of the 'url' part), so to my mind the answer is to use POST. Change the method of your form (method="post"), and look in the $_POST[] array instead of $_GET. Things should be a lot more straightforward there.

    If I've not understood quite right, then maybe PHP: urlencode - Manual and/or PHP: urldecode - Manual could be helpful?

    Hello
    :-Dave

  9. #9

    Join Date
    Dec 2008
    Posts
    197
    Thank Post
    7
    Thanked 32 Times in 18 Posts
    Rep Power
    18
    I've attached an image.

    Typically I'd like the end user never to enter the url manually - it would end up with the form never being used. That's why I've been using GET because it pulls the value from the url which a CGI script creates.

    I'm thinking it may just be easier to have an optional field in the database to grab a "q=" value if exists.

    You can see the two fields on the form circled in red - these are normally hidden fields.
    Attached Images Attached Images

  10. #10

    Join Date
    Dec 2008
    Posts
    197
    Thank Post
    7
    Thanked 32 Times in 18 Posts
    Rep Power
    18
    Went for q as an additional value in the database!

SHARE:
+ Post New Thread

Similar Threads

  1. html/ js help
    By strawberry in forum Web Development
    Replies: 2
    Last Post: 10th October 2008, 12:13 PM
  2. html/ javascript help
    By strawberry in forum Coding
    Replies: 2
    Last Post: 2nd July 2008, 11:22 AM
  3. HTML Help
    By Shrimpersfan in forum Windows
    Replies: 6
    Last Post: 25th April 2008, 01:56 PM
  4. HTML Help with Outlook
    By robbied69 in forum Coding
    Replies: 4
    Last Post: 29th February 2008, 04:37 PM

Thread Information

Users Browsing this Thread

There are currently 1 users browsing this thread. (0 members and 1 guests)

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •