php - "amp;" Precedes $_GET array element (parameter) name -

-

the below link issue-although ".amp;" (i seeing link not appearing pasted when view question before posting. i'm looking $_get variable name, remove amp; parameter name)

index.php?searchresults&searchstring=aliquippa&allwords=off

the $_get elements named amp; preceding name expect. example, $_get[amp;allwords'] how variables named. expect $_get['allwords'] format.

all links on 'site' built , returned standard class function applies htmlspecialchars final return value. each link constructed class function specific required task , returned through calling standard function. while links returned through same standard function, have 1 link misbehaving.

this link first time i've tried taking user input , passing (redirecting?) through $_get parm. it's &'s being doubled up. code not adding second ampersand.

as solution, found , tried htmlspecialchars_decode() against post variables. made no difference name assigned $_get parm. other decoding encoded , going through logic, i'm @ loss understanding. code building link in error looks same code building links work fine. links returned through standard function, applies htmlspecialchars. think links either work or not work, not mixture.

below code being used redirect when $_get array contains parm named 'search' - code suspect of injecting double &'s. have added writing log file in function , "double &'s" present in return value link::tosearchresults.

if (isset($_get['search'])) {     $this->msearchstring = $_post['search_string']; $this->mallwords = isset($_post['all_words']) ? $_post['all_words'] : 'off';      ob_clean();      header('http/1.1 302 found'); header('location: ' . link::tosearchresults($this->msearchstring, $this->mallwords));      flush();     ob_flush();     ob_end_clean();     exit; }

following tosearchresults function code:

$link = 'index.php?searchresults'; if (empty($searchstring)) $link .= '/'; else     $link .= '&searchstring=' . $searchstring;  $link .= '&allwords=' . $allwords;  return self::build($link);

following return standard class function build(). links passed through function before returning caller.

return htmlspecialchars($link, ent_quotes);

the problem occurs when pass values containing '&' through build method, escaping html special characters html entities. resulting link of form:

index.php?searchresults&searchstring=aliquippa&allwords=off

php's url parser not expect encounter html entities, because should not present in urls; therefore correctly splits query string on &, treating trailing amp; part of key. solve problem, not pass urls through htmlspecialchars().


Comments

Post a Comment

Popular posts from this blog

c++ - Creating new partition disk winapi -

-
i'am trying create new partition , mount volume new, thought createfile let me this, code : lpctstr lpfilename=l"\\\\.\\device\\harddisk0\\partition3"; handle handl=createfile( lpfilename, generic_read | generic_write, file_share_read | file_share_write, null, create_always, file_attribute_normal, null ); if (handl==invalid_handle_value) { qdebug()<<"handl invalid"<<" error"<<getlasterror();} bool success = definedosdevice(ddd_raw_target_path,l"i:",l"\\device\\harddisk0\\partition3"); if(!success) qdebug()<<" definedosdevice failed "<<getlasterror(); bflag = getvolumenameforvolumemountpoint( l"i:\\", // input volume mount point or directory /** u in dir
Read more

Android Prevent Bluetooth Pairing Dialog -

-
i'm developing internal application uses bluetooth printing. want bluetooth pairing occur without user input. have managed working trapping android.bluetooth.device.action.pairing_request broadcast. in broadcast receiver call setpin method, , pairing works ok, bluetoothpairingdialog displayed second or two, disappears - see link below. https://github.com/android/platform_packages_apps_settings/blob/master/src/com/android/settings/bluetooth/bluetoothpairingdialog.java since broadcast non-ordered, can't call abortbroadcast() , , wondering if there other way prevent pairing dialog appearing. can hook window manager in way? i haven't been able come way without modifying sdk. if you're oem, it's easy (i'm on 4.3): in packages/apps/settings/androidmanifest.xml, comment intent filter pairing dialog: <activity android:name=".bluetooth.bluetoothpairingdialog" android:label="@string/bluetooth_pairing_request"
Read more

php - joomla get content in onBeforeCompileHead function -

-
i'm developing joomla system plugin. need add javascript , css files if [myshortcode] shortcode found in content. how can content in onbeforecompilehead function function onbeforecompilehead() { $document = jfactory::getdocument(); //add scripts if shortcode found ... $document->addstylesheet($cssfile, 'text/css', null, array()); the $content = jresponse::getbody(); not work. thanks try this, for style sheet, $document = jfactory::getdocument(); $document->addstylesheet('http://domain.com/templates/css/style.css'); for javascript file $document = jfactory::getdocument(); $document->addscript('full url'); also can this, $document = jfactory::getdocument(); // add javascript $document->addscriptdeclaration(' window.event("domready", function() { alert("an inline javascript declaration"); }); '); // add styles $style = 'body {'
Read more