Menu
Community /Pin to ProfileBookmark
@NogDogJun 23.2021 — #
I don't think you want to do that. Did you try it?
What I'd might do:
And no, I'm not going to explain it all to you. Start athttps://php.net/parse_url and figure it out....@NogDog#1633292
Ha! I was gonna ask you top explain your code but then stumbled upon your last line.
I understood most of your code and added the following under your code to echo each arrays values but I get errors instead.
**http://nogdog.com/autos/cars/list.php?state=california&max_price=50000
Notice: Undefined variable: query_string_parts in C:xampphtdocsTemplatesPagination_Template.php on line 349
Warning: Invalid argument supplied for foreach() in C:xampphtdocsTemplatesPagination_Template.php on line 349
Notice: Undefined variable: q_key in C:xampphtdocsTemplatesPagination_Template.php on line 354
Warning: Invalid argument supplied for foreach() in C:xampphtdocsTemplatesPagination_Template.php on line 354
Notice: Undefined variable: q_value in C:xampphtdocsTemplatesPagination_Template.php on line 359
Warning: Invalid argument supplied for foreach() in C:xampphtdocsTemplatesPagination_Template.php on line 359
Notice: Undefined variable: query_string_parts in C:xampphtdocsTemplatesPagination_Template.php on line 364
Warning: Invalid argument supplied for foreach() in C:xampphtdocsTemplatesPagination_Template.php on line 364**
Full Code ...
@NogDogJun 23.2021 — #Those variables are local to the function definition. You cannot access them outside of it. @NogDog#1633294
Ok. Then, I tried adding them inside the function to access them:
Still no luck:
Anyway, which part of the section did you code ? Section 2 ? See my op.@NogDog ,
See this url:
$url = 'http://example.com/cat/subcat?var1=value1&var2=value2 ';
Do you see the 2 query strings ?
**var1=value1&var2=value2**
I need to add them to these 2 arrays:
$query_strings_keys[]
$query_strings_values[]
Then I need to echo each values of both arrays.
How to do this ?
Look at this attempt:
Where did I go wrong ?
I was given this code example:
I updated it to this:
So far, it does what I want but I will neaten it up a bit to look neat on the output.@Zorg#1633302
Thanks for your example code and effort! I appreciate it.
It is similar to what I posted above. But your's more neater on the output. I will try building from your's from here.
Just one question, why this line as without it the output makes no difference on screen:
Talking about the "rnrn";"
Would this be better instead ?
Here is your code. I just added following on 3 places of your code:
Zorg mate,
Can you update your code so php auto adds urlencode(), rawurlencode() onto the $url.
So, since $url = 'http://example.com/cat/subcat?var1=value1&var2=value2 ';
At the end, your php code should auto add urlencode(), rawurlencode() onto the appropriate places of the value of $url so you don;t have to manually add them. So now, $url value should auto be updated as:
$url = 'rawurlencode(http://example.com/cat/subcat ) .'?var1=' .urlencode(value1)' .'&var2=' .urlencode(value2);
Note that, if the query value is an INT then it should not be coded with urlencode() but intval().
To do what your asking using my example:
Go back and look at NogDog's example.
That version is condensed. I broke it down to help you understand.
Here's my revision:
@Zorg#1633370
Thank you very much Zorg! You really didn't have to breakdown NogDog's code after giving a version of your own already. I see your breakdown of NogDog's code doesn't have regex. Great!
I had a problem with NogDog's code due to not understanding regex. I try learning regex but forget it.
Somehow you understood I am struggling with his regex and you bent over backwards to update his code with a non-regex version. That is thinking in adv for us. You really should've been a school teacher! You'd guess their minds, before they tell you, and customize tutorials for each & everyone of them on an individual basis (like you done here!).
I usually don't ignore NogDog but the regex was too much for me and he knew I would ask him to explain his code. Hence in adv he hinted he doesn't have the time to explain it.@Zorg#1633370
Your code is 99% perfect. It's just you didn't turn the echoed urls into links.
I see echoed:
**http%3A%2F%2Fexample.com%2Fcat%2Fsubcat?var_1=value+1&var2=2&this_other=thing&number_is=13**
**http%3A%2F%2Fexample.com%2Fautos%2Fcars%2Flist.php?state=california&max_price=50000**
I want them turned into links so visitors can click over to them from my page.
Nevermind.
And so, I tried doing that. Turn them into links.
I updated your code from this (at the bottom):
To this (at the bottom):
I now get echoed links. So far, so good. But, the anchors of the two links show as:
**http%3A%2F%2Fexample.com%2Fcat%2Fsubcat?var_1=value+1&var2=2&this_other=thing&number_is=13**
**http%3A%2F%2Fexample.com%2Fautos%2Fcars%2Flist.php?state=california&max_price=50000**
Instead of showing as:
http://example.com/cat/subcat?var 1=value 1&var2=2&this other=thing&number is=13
http://example.com/autos/cars/list.php?state=california&max_price=50000
When I click the links, I am taken to:
**http%3A%2F%2Fexample.com%2Fcat%2Fsubcat?var_1=value+1&var2=2&this_other=thing&number_is=13**
**http%3A%2F%2Fexample.com%2Fautos%2Fcars%2Flist.php?state=california&max_price=50000**
Instead of being taken to:
http://example.com/cat/subcat?var 1=value 1&var2=2&this other=thing&number is=13
http://example.com/autos/cars/list.php?state=california&max_price=50000
How to fix this ? I don't see any purpose of encoding and then decoding here. I thought the browser was supposed to auto decode them ? Using Fire Fox.
How to fix this ?
Code CONTEXT:
@daveyerwinJun 30.2021 — #@developer_web#1633523 said ...
I don't see any purpose of encoding and then decoding here
_ _ _ _ _ _ _ _
neither do I
can you explain Why you are doing this ...
encodedUrl($url1)@developer_web#1633523
Encoding the whole URL is only really needed if you're passing the URL string as a param.
This prevents the browser from thinking that any reserved or unsafe characters in the string are part of the original URL.
For example:
From here you can decode it or store it, etc.
The function I wrote for you is to the specs you specified, but not necessary for the example above - that function is overkill & just an experiment but has no real practical use. I think.
A simple
Think of it as encoding helps prevent reserved or unsafe characters from being parsed by the browser. Allowing it to be passed to scripts to be decoded or stored in a database if needed.
[URL Encoding](https://www.tutorialrepublic.com/html-tutorial/html-url-encode.php) @DaveyErwin#1633534
Sorry. I haven't been online lately.
It was Zorg who did that bit:
He was testing with 2 different urls. See here:
https://www.webdeveloper.com/d/394997-how-to-analyze-url-to-auto-add-appropriate-encoding-on-appropriate-spots/10
So, how-about you show us then how we should've done it because I've come to a dead-end now ?@Zorg#1633558
Thanks mate.
You said:
"Encoding the whole URL is only really needed if you're passing the URL string as a param."
That's exactly what I want to do. Your sample urls tell it all!
[](https://www.jiofilocalhtmllogin.in/) @DaveyErwin
So, where am I going wrong mate ?
I need the urls turned into links. And not in encoded form.
Above code echoes the url in encoded form. Like this:
**http%3A%2F%2Fexample.com%2Fcat%2Fsubcat?var_1=value+1&var2=2&this_other=thing&number_is=13
http%3A%2F%2Fexample.com%2Fautos%2Fcars%2Flist.php?state=california&max_price=50000**
Not good!
**NOTE: htmlentities() has already been added. Look on my code on the function's "return" line.**@daveyerwinJul 14.2021 — #@developer_web#1634145 said ...
I need the urls turned into links. And not in encoded form.
Above code echoes the url in encoded form. Like this:
http%3A%2F%2Fexample.com%2Fcat%2Fsubcat?var_1=value+1&var2=2&this_other=thing&number_is=13
http%3A%2F%2Fexample.com%2Fautos%2Fcars%2Flist.php?state=california&max_price=50000
Not good!
- - - - - - - - - - - - - - -
So you want the url's returned not in encoded form?
Simple solution ...
Do Not Encode the url
can you explain the purpose of the encoding ?
- - - - - - - - - -
developer_web said ...
I don't see any purpose of encoding and then decoding here
- - - - - - - - - - - - - - - - - - -
DaveyErwin said ...
neither do I
can you explain Why you are doing this ...
encodedUrl($url1)@DaveyErwin#1634150
You ask, why I did this:
encodedUrl($url1)
I didn't do it. It was Zorg's 2nd code:
https://www.webdeveloper.com/d/394997-how-to-analyze-url-to-auto-add-appropriate-encoding-on-appropriate-spots/10
Not putting the blame on him though, as I told him to help me build a function that parses url and places the rawurlencode() on the file path and urlencode() and intval() on the query parts before echoing the user submitted url as a link on my page.
Ok, let's go back to his code and try amending it:
https://www.webdeveloper.com/d/394997-how-to-analyze-url-to-auto-add-appropriate-encoding-on-appropriate-spots/10
Where should we amend ?
You see. Imagine you reading my article page and I provide a commenting section where you can leave your comment on my article. Now imagine you can leave your link on my article page via my html form. A form that looks something like this:
Now usually, I echo my own dynamic links or SERP links like this:
I used to do all this encoding so no user can add html tags or javascript to break the html of my page or to hijack any visitor to any malicious site. But now I learn from you guys that, that is not why you urlencode. And, to prevent all this malicious acts you just use the htmlentities() or the htmlspecialchars() before outputting any user submitted data (eg their links) on your page.
Q1.
So, can you confirm that, I should forget using rawurlencode() and urlencode() and intval() when echoing user's submitted dynamic link (url that contain query parts) on my article page and I should just echo the user's links like this:
Q2.
Because, if the above code is not good enough for security purpose to prevent my page from breaking up due to user's submitting malicious inputs when using my form and you deem I must make use of the rawurlencode(), urlencode() and inval() when outputting user submitted links (links that prove to be dynamic urls (urls containing query parts: ?, &, =)), then we got to fix Zorg's 2nd code, if we dont want to start from scratch:
https://www.webdeveloper.com/d/394997-how-to-analyze-url-to-auto-add-appropriate-encoding-on-appropriate-spots/10
So that, when a user submits a dynamic link, something like this:
http://daveyerwin.com/autos/?keywords=cars&model=bmw&price=50000&page=10
Then that url doesn't get echoed simply like this:
But gets echoed like this (making use of rawurlencode, urlencode & intval), if that is how I REALLY should be echoing for security purpose]:
Is the above code ok or not ? Because, if it is ok, then we got to build the custom function that takes the user's url input, parses the url, places the rawurlencode() on the file path and the urlencode() and intval() on the query parts before echoing the input on my article page. This whole thread is about that.
We don't have to start from scratch. We can just amend Zorg's 2nd code, if you like:
https://www.webdeveloper.com/d/394997-how-to-analyze-url-to-auto-add-appropriate-encoding-on-appropriate-spots/10
I, for sure tried amending it but result is fruitless. Do you want to give it a try ? Or you got a better way of coding ? If latter, then do let us see what you have in mind.
A shorter code would be nice.
Or, we could update NogDog's code:
https://www.webdeveloper.com/d/394997-how-to-analyze-url-to-auto-add-appropriate-encoding-on-appropriate-spots/2
His code just echoes a url and no link. Plus, his code is a bit adv for me. Don;t understand a few lines. hence, I stuckup with Zorg's code as that seem a little not so hard to understand by me.
Who'se code we both should update or you want to start from scratch to see if you can better their's ? I'm curious to see how much code cut down you can throw.
Thanks!@NogDog ,
Zorg suggested I stick to your code. But it's a bit over my head. Hence, can you fix it so no url gets echoed but a clickable link ?
Talking about this:
https://www.webdeveloper.com/d/394997-how-to-analyze-url-to-auto-add-appropriate-encoding-on-appropriate-spots/2
Btw, I thought you only urlencode() or intval() the value part of the query string in the url. But you are also urlencode() the key part of the query string. Why ?
**$query_string_parts[] = urlencode($q_key).'='.urlencode($q_value);**
I saw another tutorial doing this also. But why you do it ?
Talking about this:
https://www.webdeveloper.com/d/394997-how-to-analyze-url-to-auto-add-appropriate-encoding-on-appropriate-spots/2 @Zorg
Care to point out to me something ?
See below for 2 codes. Both make use of the urlencode().
But only the former's output is normal and not encoded while the latter's output is encoded. Why ? Since both are making use of the urlencode() then shouldn't both their outputs be in encoded format ?
What's the mystery, hey ?
NogDog's Code:
https://www.webdeveloper.com/d/394997-how-to-analyze-url-to-auto-add-appropriate-encoding-on-appropriate-spots/2
Zorg's 2nd code:
https://www.webdeveloper.com/d/394997-how-to-analyze-url-to-auto-add-appropriate-encoding-on-appropriate-spots/10
@NogDog
This your code:
I don't understand this line due to the ternary thingy and so do you mind do you mind removing the ternary thing and writing it the other way so I can figure-out what you're doing here:
And, can you add intval() and rawurlencode() too where you added the urlencode() ?@Zorg
Care to point out to me something ?
See below for 2 codes. Both make use of the urlencode().
But only the former's output is normal and not encoded while the latter's output is encoded. Why ? Since both are making use of the urlencode() then shouldn't both their outputs be in encoded format ?
What's the mystery, hey ?
NogDog's Code:
https://www.webdeveloper.com/d/394997-how-to-analyze-url-to-auto-add-appropriate-encoding-on-appropriate-spots/2
Zorg's 2nd code:
https://www.webdeveloper.com/d/394997-how-to-analyze-url-to-auto-add-appropriate-encoding-on-appropriate-spots/10
@NogDog
This your code:
I don't understand this line due to the ternary thingy and so do you mind do you mind removing the ternary thing and writing it the other way so I can figure-out what you're doing here:
And, can you add intval() and rawurlencode() too where you added the urlencode() ?@NogDog
This your code:
I don't understand this line due to the ternary thingy and so do you mind do you mind removing the ternary thing and writing it the other way so I can figure-out what you're doing here:
And, can you add intval() and rawurlencode() too where you added the urlencode() ?@Zorg
Care to point out to me something ?
See below for 2 codes. Both make use of the urlencode().
But only the former's output is normal and not encoded while the latter's output is encoded. Why ? Since both are making use of the urlencode() then shouldn't both their outputs be in encoded format ?
What's the mystery, hey ?
NogDog's Code:
https://www.webdeveloper.com/d/394997-how-to-analyze-url-to-auto-add-appropriate-encoding-on-appropriate-spots/2
Zorg's 2nd code:
https://www.webdeveloper.com/d/394997-how-to-analyze-url-to-auto-add-appropriate-encoding-on-appropriate-spots/10
@sempervivum
Care top chime in on my previous post, if you know anything about urlencode() ?@NogDogAug 07.2021 — #
Why do you think you need to do that?@NogDog#1635255
**Reserved URL characters
! # $ % & ' ( ) * + , / : ; = ? @ [ ]
If any of these characters are used in a URL, they could prevent it from working correctly. Therefore they must be encoded (i.e. "transformed") so they don't interfere with the function of the URL. This is crucial when we are using PHP to output dynamic values to be used in URLs, such as in the query string.**
https://guides.codepath.com/websecurity/PHP-Encoding-for-URLs
In short NogDog, when user's submit their urls on my commenting section on my blog (blog php script that I am building) or when users submit their urls on my searchengine, they will submit urls with a variety of formats. Let's say their urls contain reserved chars. Then that would mess things up.
Now the question is: Why do urls contain these reserved chars in the first-place ? You tell me that NogDog.
As for me, I can think of one thing. They may submit a dynamic link like so:
nogdog.com/?search=dog+food
Now, if I echo like this on my page:
http://mysite.com/tracker.php?http://nogdog.com/?search=dog+food
As you can see, the "?" on your url part or the 2nd "?" on the above link would be considered invalid by the browser. Clicking:
http://mysite.com/tracker.php?http://nogdog.com/?search=dog+food
Would not take you to:
mysite.com/tracker.php?
then redirected to:
http://nogdog.com/?search=dog+food
That is one example I can think of.
Now your turn to wise me up and show me further examples how a url can breakup and how urlencode() saves us here. Remember, the more examples you show me the more I get out of the ignorant dark. I will wait for some examples from your end.@NogDog
It is you NogDog, who introduced me to urlencode() and intval() while I was building my pagination php script last year. Let me see if I can find those threads. I then researched on them and came across rawurlencode(). Hence, fiddling with these 3 and the htmlentities() and the htmlspecialchars(). Using all these 5 functions just to echo user submitted links on my blog or searchengine. That's all the fuss. Confused right now, when to use which function. Going back & forth for weeks now!@NogDog#1635255
Maybe one reason is for what you answered here:
https://www.webdeveloper.com/d/392409-questions-on-sql-injection-free-secure-url-outputs/2
EDIT:
Maybe another reason is for what you answered here:
https://www.webdeveloper.com/d/392032-why-becomes-funny-inside-urlencode/3 @NogDog
I answered your question. What can you input this way now ?
I updated your code.
This is your code:
It was outputting like this:
http%3A%2F%2Fexample.com%2Fcat%2Fsubcat?var_1=value+1&var2=2&this_other=thing&number_is=13
http%3A%2F%2Fexample.com%2Fautos%2Fcars%2Flist.php?state=california&max_price=50000
So, I changed this of your's:
to this:
And it seems to be working. As it's outputting:
http://example.com/cat/subcat?var_1=value+1&var2=2&this_other=thing&number_is=13
http://example.com/autos/cars/list.php?state=california&max_price=50000
But I am not sure if I put the raw_urlencode() in the right places or not and so best you check.
@NogDog
Did I put it in the right place ? Also, should not the $path be inside raw_urlencode like so ? raw_urlencode($path) ? However raw_urlencode($path) doesn't output right.@zorg
I fixed NogDog's code too:
https://www.webdeveloper.com/d/396863-i-fixed-nogdogs-code
How To Analyze Url To Auto Add Appropriate Encoding On Appropriate Spots ?
Php Gurus,
I need to parse user submitted urls before echoing their submitted urls on my page. Need to parse the urls as I won’t know what urls they will be submitting nor the structures of their urls.
On each submitted url, I need to add the key part of each query string on the $key array and the value part of each query string on the $value array. How to do this ?
Example, a user submits this url:
**FIRST STEP
In this example, I need the $key array to be populated with:
**state
max_price
And, I need the $value array to be populated with:
**california
50000
Then I need to echo each array’s values.
How to do this ?
**SECOND STEP
I need to auto add the appropriate encoding functions in the submitted url. So now I won’t be echoing like this:
echo ‘
But after parsing the url and after adding the appropriate encoding php functions in the correct spots of the url, I will be echoing like this:
echo rawurlencode(‘
Did you notice that, I auto added rawurlencode on the file path and urlencode on the query string’s values and did you notice that I added intval where the query string’s value was an INT ?
Now, I did all this additions manually here ofcourse to show you what I want php to do on auto-pilot.
**SUMMARY:
Need to get php to auto analyze the url and auto add the rawurlencode(), urlencode() and intval() where appropriate.
How to do this ?
Once these two steps are achieved, then I can say a custom php function just got built that analyzes submitted urls and encodes the urls with the appropriate encoding functions (rawurlencode, urlencode, intval, etc).
I don’t know how to start on this and so any code sample would be most appreciated.
This bad code didn’t work. Failed attempt:
[code]
print_r(parse_url($url)); echo ‘<br>’;
$keys = array(print_r(parse_url($url))); echo ‘<br>’;
foreach($keys as $key=>$value)
{
$key = array();
$value = array();
echo $key[‘0’]; echo ‘<br>’;
echo $value[‘0’]; echo ‘<br>’;
}
Sign in
to post a comment37 Comments(s) ↴
0
@NogDogJun 23.2021 — #>@developer_web#1633291 echo rawurlencode('[http://example.com/autos/cars/list.php](http://example.com/autos/cars/list.php) ')
I don't think you want to do that. Did you try it?
<i>
</i>echo rawurlencode('http://example.com/autos/cars/list.php');
// http%3A%2F%2Fexample.com%2Fautos%2Fcars%2Flist.php
>@developer_web#1633291 Need to get php to auto analyze the url and auto add the rawurlencode(), urlencode() and intval() where appropriate.
What I'd might do:
<i>
</i>$url = 'http://example.com/autos/cars/list.php?state=california&max_price=50000';
echo prepare_url($url) . "n";
function prepare_url($url) {
$url_parts = parse_url($url);
if($url_parts === false or empty($url_parts['host'])) {
return false;
}
$url_out = preg_match('/^https?/i', $url_parts['scheme']) ? strtolower($url_parts['scheme']) : 'https';
$url_out .= "://{$url_parts['host']}{$url_parts['path']}";
if(!empty($url_parts['query'])) {
parse_str($url_parts['query'], $query_parts);
foreach($query_parts as $q_key => $q_value) {
$query_string_parts[] = urlencode($q_key).'='.urlencode($q_value);
}
$url_out .= '?'.implode('&', $query_string_parts);
}
return $url_out;
}
And no, I'm not going to explain it all to you. Start at
reply?
0
@developer_webauthorJun 23.2021 — #Ha! I was gonna ask you top explain your code but then stumbled upon your last line.
I understood most of your code and added the following under your code to echo each arrays values but I get errors instead.
<i>
</i>foreach($query_string_parts as $query_string_part)
{
echo $query_string_part; echo '<br>';
}
foreach($q_key as $q_keyy)
{
echo $q_keyy; echo '<br>';
}
foreach($q_value as $q_valuee)
{
echo $q_valuee; echo '<br>';
}
foreach($query_string_parts as $query_string_part)
{
echo $query_string_part; echo '<br>';
}
**
Notice: Undefined variable: query_string_parts in C:xampphtdocsTemplatesPagination_Template.php on line 349
Warning: Invalid argument supplied for foreach() in C:xampphtdocsTemplatesPagination_Template.php on line 349
Notice: Undefined variable: q_key in C:xampphtdocsTemplatesPagination_Template.php on line 354
Warning: Invalid argument supplied for foreach() in C:xampphtdocsTemplatesPagination_Template.php on line 354
Notice: Undefined variable: q_value in C:xampphtdocsTemplatesPagination_Template.php on line 359
Warning: Invalid argument supplied for foreach() in C:xampphtdocsTemplatesPagination_Template.php on line 359
Notice: Undefined variable: query_string_parts in C:xampphtdocsTemplatesPagination_Template.php on line 364
Warning: Invalid argument supplied for foreach() in C:xampphtdocsTemplatesPagination_Template.php on line 364**
Full Code ...
<i>
</i><?php
$url = 'http://nogdog.com/autos/cars/list.php?state=california&max_price=50000';
echo prepare_url($url) . "n";
function prepare_url($url) {
$url_parts = parse_url($url);
if($url_parts === false or empty($url_parts['host'])) {
return false;
}
$url_out = preg_match('/^https?/i', $url_parts['scheme']) ? strtolower($url_parts['scheme']) : 'https';
$url_out .= "://{$url_parts['host']}{$url_parts['path']}";
if(!empty($url_parts['query'])) {
parse_str($url_parts['query'], $query_parts);
foreach($query_parts as $q_key => $q_value) {
$query_string_parts[] = urlencode($q_key).'='.urlencode($q_value);
}
$url_out .= '?'.implode('&', $query_string_parts);
}
return $url_out;
}
foreach($query_string_parts as $query_string_part)
{
echo $query_string_part; echo '<br>';
}
foreach($q_key as $q_keyy)
{
echo $q_keyy; echo '<br>';
}
foreach($q_value as $q_valuee)
{
echo $q_valuee; echo '<br>';
}
?>
reply?
0
@NogDogJun 23.2021 — #reply?
0
@developer_webauthorJun 23.2021 — #Ok. Then, I tried adding them inside the function to access them:
Still no luck:
<i>
</i><?php
$url = 'http://nogdog.com/autos/cars/list.php?state=california&max_price=50000';
echo prepare_url($url) . "n";
function prepare_url($url) {
$url_parts = parse_url($url);
if($url_parts === false or empty($url_parts['host'])) {
return false;
}
$url_out = preg_match('/^https?/i', $url_parts['scheme']) ? strtolower($url_parts['scheme']) : 'https';
$url_out .= "://{$url_parts['host']}{$url_parts['path']}";
if(!empty($url_parts['query'])) {
parse_str($url_parts['query'], $query_parts);
foreach($query_parts as $q_key => $q_value) {
$query_string_parts[] = urlencode($q_key).'='.urlencode($q_value);
}
$url_out .= '?'.implode('&', $query_string_parts);
}
<i> </i>foreach($query_string_parts as $query_string_part)
<i> </i>{
<i> </i> echo $query_string_part; echo '<br>';
<i> </i>}
<i> </i>foreach($q_key as $q_keyy)
<i> </i>{
<i> </i> echo $q_keyy; echo '<br>';
<i> </i>}
<i> </i>foreach($q_value as $q_valuee)
<i> </i>{
<i> </i> echo $q_valuee; echo '<br>';
<i> </i>}
<i> </i>foreach($query_string_parts as $query_string_part)
<i> </i>{
<i> </i> echo $query_string_part; echo '<br>';
<i> </i>}
//return $url_out;
}
Anyway, which part of the section did you code ? Section 2 ? See my op.
reply?
0
@developer_webauthorJun 23.2021 — #See this url:
$url = '
Do you see the 2 query strings ?
**var1=value1&var2=value2**
I need to add them to these 2 arrays:
$query_strings_keys[]
$query_strings_values[]
Then I need to echo each values of both arrays.
How to do this ?
Look at this attempt:
<i>
</i><?php
$url = 'http://example.com/cat/subcat?var1=value1&var2=value2';
var_dump(parse_url($url));
$scheme = parse_url($url, PHP_URL_SCHEME);
$user = parse_url($url, PHP_URL_USER);
$pass = parse_url($url, PHP_URL_PASS);
$host = parse_url($url, PHP_URL_HOST);
$port = parse_url($url, PHP_URL_PORT);
$path = parse_url($url, PHP_URL_PATH);
$query_strings = parse_url($url, PHP_URL_QUERY);
$fragment = parse_url($url, PHP_URL_FRAGMENT);
echo $parsed_url = $scheme .'://' .$user .$pass .$host .$port .$path .'?' .$query_strings .$fragment;
echo '<br>';
$query_strings_array = array();
$query_strings_array[] = implode("&", $query_strings);
foreach ($query_strings_array as $key=>$value)
{
<i> </i>$query_strings_keys[] = $key;
<i> </i>$query_strings_values[] = $value;
<i> </i>
<i> </i>echo $query_strings_keys[-1];
<i> </i>echo $query_strings_values[-1];
}
?>
Where did I go wrong ?
reply?
0
@ZorgJun 24.2021 — #<i>
</i>$url = 'http://example.com/cat/subcat?var1=value1&var2=value2';
// parse url get query
$query_strings = parse_url($url, PHP_URL_QUERY);
$query_strings_array = [];
// parse query into array
parse_str($query_strings, $query_strings_array);
// separate keys
$query_strings_keys = array_keys($query_strings_array);
// separate values
$query_strings_values = array_values($query_strings_array);
echo $url . "rnrn";
// loop and echo
for($i=0; $i<count($query_strings_array); $i++){
$num = $i+1;
$k = $query_strings_keys[$i];
$v = $query_strings_values[$i];
echo "#{$num} Key: {$k} Value: {$v} rn";
}
// keys array
print_r($query_strings_keys);
// values array
print_r($query_strings_values);
reply?
0
@developer_webauthorJun 25.2021 — #Folks,I was given this code example:
<i>
</i><?php
$url = 'http://example.com/cat/subcat?var1=value1&var2=value2';
// Get query string from the URL
$query_string = parse_url($url, PHP_URL_QUERY);
// Split the query string into individual parameters and return it in $arr
parse_str($query_string, $arr);
// Store keys i.e. parameter names in $keys
$keys = array_keys($arr);
// Store values i.e. parameter values in $values
$values = array_values($arr);
// print
print_r($keys); echo '<br>';
print_r($values); echo '<br>';
?>
I updated it to this:
<i>
</i>$url = 'http://example.com/cat/subcat?var1=value1&var2=value2';
$scheme = parse_url($url, PHP_URL_SCHEME);
$user = parse_url($url, PHP_URL_USER);
$pass = parse_url($url, PHP_URL_PASS);
$host = parse_url($url, PHP_URL_HOST);
$port = parse_url($url, PHP_URL_PORT);
$path = parse_url($url, PHP_URL_PATH);
//$query_strings = parse_url($url, PHP_URL_QUERY);
$fragment = parse_url($url, PHP_URL_FRAGMENT);
//echo $parsed_url = $scheme .'://' .$user .$pass .$host .$port .$path .'?' .$query_strings .$fragment;
echo '<br>'; echo '<br>';
// Get query string from the URL
$query_strings = parse_url($url, PHP_URL_QUERY);
// Split the query string into individual parameters and return it in $arr
parse_str($query_strings, $arr);
// Store keys i.e. parameter names in $keys
$keys = array_keys($arr);
// Store values i.e. parameter values in $values
$values = array_values($arr);
// print
print_r($arr); echo '<br>';
print_r($keys); echo '<br>';
print_r($values); echo '<br>';
?>
So far, it does what I want but I will neaten it up a bit to look neat on the output.
reply?
0
@developer_webauthorJun 25.2021 — #Thanks for your example code and effort! I appreciate it.
It is similar to what I posted above. But your's more neater on the output. I will try building from your's from here.
Just one question, why this line as without it the output makes no difference on screen:
<i>
</i>echo $url . "rnrn";
Talking about the "rnrn";"
Would this be better instead ?
<i>
</i>echo $url;
echo '<br>'; //Added this line.
Here is your code. I just added following on 3 places of your code:
<i>
</i>echo '<br>'; //Added this line.
[code]
Zorg Code Amended
[code]
$url = 'http://example.com/cat/subcat?var1=value1&var2=value2';
// parse url get query
$query_strings = parse_url($url, PHP_URL_QUERY);
$query_strings_array = [];
// parse query into array
parse_str($query_strings, $query_strings_array);
// separate keys
$query_strings_keys = array_keys($query_strings_array);
// separate values
$query_strings_values = array_values($query_strings_array);
echo $url . "rnrn";
echo '<br>'; //Added this line.
// loop and echo
for($i=0; $i<count($query_strings_array); $i++){
$num = $i+1;
$k = $query_strings_keys[$i];
$v = $query_strings_values[$i];
echo "#{$num} Key: {$k} Value: {$v} rn";
}
echo '<br>'; //Added this line.
// keys array
print_r($query_strings_keys);
echo '<br>'; //Added this line.
// values array
print_r($query_strings_values);
echo '<br>'; //Added this line.
?>
Zorg mate,
Can you update your code so php auto adds urlencode(), rawurlencode() onto the $url.
So, since $url = '
At the end, your php code should auto add urlencode(), rawurlencode() onto the appropriate places of the value of $url so you don;t have to manually add them. So now, $url value should auto be updated as:
$url = 'rawurlencode(
Note that, if the query value is an INT then it should not be coded with urlencode() but intval().
reply?
0
@ZorgJun 26.2021 — #Delete the "rnrn"To do what your asking using my example:
<i>
</i>function encodedUrl($url){
$query_strings_array = [];
$query_string_parts = [];
// parse URL & get query
$scheme = parse_url($url, PHP_URL_SCHEME);
$host = parse_url($url, PHP_URL_HOST);
$path = parse_url($url, PHP_URL_PATH);
$query_strings = parse_url($url, PHP_URL_QUERY);
<i> </i> // parse query into array
<i> </i> parse_str($query_strings, $query_strings_array);
<i> </i>
<i> </i> // separate keys & values
<i> </i> $query_strings_keys = array_keys($query_strings_array);
<i> </i> $query_strings_values = array_values($query_strings_array);
<i> </i>
<i> </i> // loop query
<i> </i> for($i = 0; $i < count($query_strings_array); $i++){
<i> </i> $k = urlencode($query_strings_keys[$i]);
<i> </i> $v = $query_strings_values[$i];
<i> </i> $val = is_numeric($v) ? intval($v) : urlencode($v);
<i> </i>
<i> </i> $query_string_parts[] = "{$k}={$val}";
<i> </i> }
<i> </i>
<i> </i> // re-assemble URL
<i> </i> $encodedHostPath = rawurlencode("{$scheme}://{$host}{$path}");
<i> </i>
<i> </i> return $encodedHostPath . '?' . implode('&', $query_string_parts);
}
$url1 = 'http://example.com/cat/subcat?var 1=value 1&var2=2&this other=thing&number is=13';
$url2 = 'http://example.com/autos/cars/list.php?state=california&max_price=50000';
// run urls thru function & echo
echo encodedUrl($url1);
echo '<br/>';
echo encodedUrl($url2);
echo '<br/>';
Go back and look at NogDog's example.
That version is condensed. I broke it down to help you understand.
Here's my revision:
<i>
</i>function prepare_url($url) {
$url_parts = parse_url($url);
if($url_parts === false or empty($url_parts['host'])) {
return false;
}
// re-assemble the start of url string
$url_start = preg_match('/^https?/i', $url_parts['scheme']) ? strtolower($url_parts['scheme']) : 'https';
$url_start .= "://{$url_parts['host']}{$url_parts['path']}";
// rawurlencode the start of url string
$url_out = rawurlencode($url_start);
if(!empty($url_parts['query'])) {
parse_str($url_parts['query'], $query_parts);
foreach($query_parts as $q_key => $q_value) {
// assemble and check if value is numeric
$query_string_parts[] = urlencode($q_key).'='.(is_numeric($q_value) ? intval($q_value) :urlencode($q_value));
}
$url_out .= '?'.implode('&', $query_string_parts);
}
return $url_out;
}
$url = 'http://example.com/cat/subcat?var 1=value 1&var2=2&this other=thing&number is=13';
echo prepare_url($url);
reply?
0
@developer_webauthorJun 26.2021 — #Thank you very much Zorg! You really didn't have to breakdown NogDog's code after giving a version of your own already. I see your breakdown of NogDog's code doesn't have regex. Great!
I had a problem with NogDog's code due to not understanding regex. I try learning regex but forget it.
Somehow you understood I am struggling with his regex and you bent over backwards to update his code with a non-regex version. That is thinking in adv for us. You really should've been a school teacher! You'd guess their minds, before they tell you, and customize tutorials for each & everyone of them on an individual basis (like you done here!).
I usually don't ignore NogDog but the regex was too much for me and he knew I would ask him to explain his code. Hence in adv he hinted he doesn't have the time to explain it.
reply?
0
@developer_webauthorJun 30.2021 — #Your code is 99% perfect. It's just you didn't turn the echoed urls into links.
I see echoed:
**http%3A%2F%2Fexample.com%2Fcat%2Fsubcat?var_1=value+1&var2=2&this_other=thing&number_is=13**
**http%3A%2F%2Fexample.com%2Fautos%2Fcars%2Flist.php?state=california&max_price=50000**
I want them turned into links so visitors can click over to them from my page.
Nevermind.
And so, I tried doing that. Turn them into links.
I updated your code from this (at the bottom):
<i>
</i>$url1 = 'http://example.com/cat/subcat?var 1=value 1&var2=2&this other=thing&number is=13';
$url2 = 'http://example.com/autos/cars/list.php?state=california&max_price=50000';
// run urls thru function & echo
echo encodedUrl($url1);
echo '<br/>';
echo encodedUrl($url2);
echo '<br/>';
To this (at the bottom):
<i>
</i>$url1 = 'http://example.com/cat/subcat?var 1=value 1&var2=2&this other=thing&number is=13';
$url2 = 'http://example.com/autos/cars/list.php?state=california&max_price=50000';
// run urls thru function & echo
$encoded_url1 = encodedUrl($url1);
$encoded_url2 = encodedUrl($url2);
echo $link1 = '<a href=' ."$encoded_url1" .'>' ."$encoded_url1" .'</a>';
echo '<br/>';
echo $link2 = '<a href=' ."$$encoded_url2" .'>' ."$encoded_url2". '</a>';
echo '<br/>';
I now get echoed links. So far, so good. But, the anchors of the two links show as:
**http%3A%2F%2Fexample.com%2Fcat%2Fsubcat?var_1=value+1&var2=2&this_other=thing&number_is=13**
**http%3A%2F%2Fexample.com%2Fautos%2Fcars%2Flist.php?state=california&max_price=50000**
Instead of showing as:
When I click the links, I am taken to:
**http%3A%2F%2Fexample.com%2Fcat%2Fsubcat?var_1=value+1&var2=2&this_other=thing&number_is=13**
**http%3A%2F%2Fexample.com%2Fautos%2Fcars%2Flist.php?state=california&max_price=50000**
Instead of being taken to:
How to fix this ? I don't see any purpose of encoding and then decoding here. I thought the browser was supposed to auto decode them ? Using Fire Fox.
How to fix this ?
Code CONTEXT:
<i>
</i>function encodedUrl($url){
$query_strings_array = [];
$query_string_parts = [];
// parse URL & get query
$scheme = parse_url($url, PHP_URL_SCHEME);
$host = parse_url($url, PHP_URL_HOST);
$path = parse_url($url, PHP_URL_PATH);
$query_strings = parse_url($url, PHP_URL_QUERY);
<i> </i>// parse query into array
<i> </i>parse_str($query_strings, $query_strings_array);
<i> </i>// separate keys & values
$query_strings_keys = array_keys($query_strings_array);
$query_strings_values = array_values($query_strings_array);
// loop query
for($i = 0; $i < count($query_strings_array); $i++){
$k = urlencode($query_strings_keys[$i]);
$v = $query_strings_values[$i];
$val = is_numeric($v) ? intval($v) : urlencode($v);
<br/>
<i> </i> $query_string_parts[] = "{$k}={$val}";
}
// re-assemble URL
$encodedHostPath = rawurlencode("{$scheme}://{$host}{$path}");
return $encodedHostPath . '?' . implode('&', $query_string_parts);
}
$url1 = 'http://example.com/cat/subcat?var 1=value 1&var2=2&this other=thing&number is=13';
$url2 = 'http://example.com/autos/cars/list.php?state=california&max_price=50000';
// run urls thru function & echo
// run urls thru function & echo
$encoded_url1 = encodedUrl($url1);
$encoded_url2 = encodedUrl($url2);
echo $link1 = '<a href=' ."$encoded_url1" .'>' ."$encoded_url1" .'</a>';
echo '<br/>';
echo $link2 = '<a hre
reply?
0
@daveyerwinJun 30.2021 — #I don't see any purpose of encoding and then decoding here
_ _ _ _ _ _ _ _
neither do I
can you explain Why you are doing this ...
encodedUrl($url1)
reply?
0
@ZorgJul 01.2021 — #Encoding the whole URL is only really needed if you're passing the URL string as a param.
This prevents the browser from thinking that any reserved or unsafe characters in the string are part of the original URL.
For example:
<i>
</i>// http://example.com/cat/subcat is the URL you're going to be navigating to
// urlencode('http://example.com/autos/cars/list.php?state=california&max_price=50000') is this:
http%3A%2F%2Fexample.com%2Fautos%2Fcars%2Flist.php%3Fstate%3Dcalifornia%26max_price%3D50000
// pass the URL string to the subcat page you would link it like this
http://example.com/cat/subcat?url=http%3A%2F%2Fexample.com%2Fautos%2Fcars%2Flist.php%3Fstate%3Dcalifornia%26max_price%3D50000
// HTML of the link would be:
<a href="http://example.com/cat/subcat?url=http%3A%2F%2Fexample.com%2Fautos%2Fcars%2Flist.php%3Fstate%3Dcalifornia%26max_price%3D50000" target="_blank">
// on subcat page $_GET['url'] would be:
$_GET['url'] = 'http%3A%2F%2Fexample.com%2Fautos%2Fcars%2Flist.php%3Fstate%3Dcalifornia%26max_price%3D50000'
From here you can decode it or store it, etc.
The function I wrote for you is to the specs you specified, but not necessary for the example above - that function is overkill & just an experiment but has no real practical use. I think.
A simple
urlencode()Think of it as encoding helps prevent reserved or unsafe characters from being parsed by the browser. Allowing it to be passed to scripts to be decoded or stored in a database if needed.
reply?
0
@developer_webauthorJul 05.2021 — #Sorry. I haven't been online lately.
It was Zorg who did that bit:
<i>
</i>$url1 = 'http://example.com/cat/subcat?var 1=value 1&var2=2&this other=thing&number is=13';
$url2 = 'http://example.com/autos/cars/list.php?state=california&max_price=50000';
// run urls thru function & echo
echo encodedUrl($url1);
echo '<br/>';
echo encodedUrl($url2);
echo '<br/>';
He was testing with 2 different urls. See here:
So, how-about you show us then how we should've done it because I've come to a dead-end now ?
reply?
0
@developer_webauthorJul 05.2021 — #Thanks mate.
You said:
"Encoding the whole URL is only really needed if you're passing the URL string as a param."
That's exactly what I want to do. Your sample urls tell it all!
reply?
0
@jiofisagulJul 08.2021 — #Really thanks for this admin. Try the below URL to get into the login page of jiofi.reply?
0
@developer_webauthorJul 14.2021 — #So, where am I going wrong mate ?
<i>
</i><?php
function encodedUrledited($url){
$query_strings_array = [];
$query_string_parts = [];
// parse URL & get query
$scheme = parse_url($url, PHP_URL_SCHEME);
$host = parse_url($url, PHP_URL_HOST);
$path = parse_url($url, PHP_URL_PATH);
$query_strings = parse_url($url, PHP_URL_QUERY);
<i> </i>// parse query into array
<i> </i>parse_str($query_strings, $query_strings_array);
<i> </i>// separate keys & values
$query_strings_keys = array_keys($query_strings_array);
$query_strings_values = array_values($query_strings_array);
// loop query
for($i = 0; $i < count($query_strings_array); $i++){
$k = urlencode($query_strings_keys[$i]);
$v = $query_strings_values[$i];
$val = is_numeric($v) ? intval($v) : urlencode($v);
<br/>
<i> </i> $query_string_parts[] = "{$k}={$val}";
}
// re-assemble URL
$encodedHostPath = rawurlencode("{$scheme}://{$host}{$path}");
//return $encodedHostPath . '?' .implode('&', $query_string_parts);
return $encodedHostPath . '?' .htmlentities(implode('&', $query_string_parts));
}
if(!ISSET($_POST['url1']) && empty($_POST['url1']) && !ISSET($_POST['url2']) && empty($_POST['url2']))
{
//Default Values for Substituting empty User Inputs.
$url1 = 'http://example.com/cat/subcat?var 1=value 1&var2=2&this other=thing&number is=13';
$url2 = 'http://example.com/autos/cars/list.php?state=california&max_price=50000';
}
else
{
//user has made following inputs...
$encoded_url1 = encodedUrledited($_POST['url1']);
$encoded_url2 = encodedUrledited($_POST['url2']);
}
echo $link1 = '<a href=' .$encoded_url1 .'>' .$encoded_url1 .'</a>';
echo '<br/>';
echo $link2 = '<a href=' .$encoded_url2 .'>' .$encoded_url2. '</a>';
echo '<br>';
?>
I need the urls turned into links. And not in encoded form.
Above code echoes the url in encoded form. Like this:
**http%3A%2F%2Fexample.com%2Fcat%2Fsubcat?var_1=value+1&var2=2&this_other=thing&number_is=13
http%3A%2F%2Fexample.com%2Fautos%2Fcars%2Flist.php?state=california&max_price=50000**
Not good!
**NOTE: htmlentities() has already been added. Look on my code on the function's "return" line.**
reply?
0
@daveyerwinJul 14.2021 — #I need the urls turned into links. And not in encoded form.
Above code echoes the url in encoded form. Like this:
http%3A%2F%2Fexample.com%2Fcat%2Fsubcat?var_1=value+1&var2=2&this_other=thing&number_is=13
http%3A%2F%2Fexample.com%2Fautos%2Fcars%2Flist.php?state=california&max_price=50000
Not good!
- - - - - - - - - - - - - - -
So you want the url's returned not in encoded form?
Simple solution ...
Do Not Encode the url
can you explain the purpose of the encoding ?
- - - - - - - - - -
developer_web said ...
I don't see any purpose of encoding and then decoding here
- - - - - - - - - - - - - - - - - - -
DaveyErwin said ...
neither do I
can you explain Why you are doing this ...
encodedUrl($url1)
reply?
0
@developer_webauthorJul 15.2021 — #You ask, why I did this:
encodedUrl($url1)
I didn't do it. It was Zorg's 2nd code:
Not putting the blame on him though, as I told him to help me build a function that parses url and places the rawurlencode() on the file path and urlencode() and intval() on the query parts before echoing the user submitted url as a link on my page.
Ok, let's go back to his code and try amending it:
Where should we amend ?
You see. Imagine you reading my article page and I provide a commenting section where you can leave your comment on my article. Now imagine you can leave your link on my article page via my html form. A form that looks something like this:
<i>
</i><form method = 'POST'>
<label for='find'>Name</label>
<input type='text' name='name' id='name'>
<br>
<label for='url'>Url</label>
<input type='text' name='url' id='url'>
<br>
<label for='link_'description'>Link Description</label>
<input type='text' name='link_description' id='link_description'>
<button type='submit'>Submit!</button>
</form>
Now usually, I echo my own dynamic links or SERP links like this:
<i>
</i>echo $serp_url = rawurlencode(https://localhost/Templates/url_encode_Template.php) . '?search=' .urlencode(keyword) .'&tbl=' .'urlencode(links) .'&col=' .urlencode(keyword) .'&max=100' .'&page=' .intval(1)
I used to do all this encoding so no user can add html tags or javascript to break the html of my page or to hijack any visitor to any malicious site. But now I learn from you guys that, that is not why you urlencode. And, to prevent all this malicious acts you just use the htmlentities() or the htmlspecialchars() before outputting any user submitted data (eg their links) on your page.
Q1.
So, can you confirm that, I should forget using rawurlencode() and urlencode() and intval() when echoing user's submitted dynamic link (url that contain query parts) on my article page and I should just echo the user's links like this:
<i>
</i><form method = 'POST'>
<label for='find'>Name</label>
<input type='text' name='name' id='name'>
<br>
<label for='url'>Url</label>
<input type='text' name='url' id='url'>
<br>
<label for='link_'description'>Link Description</label>
<input type='text' name='link_description' id='link_description'>
<button type='submit'>Submit!</button>
</form>
<?php
$user_submitted_name = $_POST[name];
$user_submitted_url = $_POST[url];
$user_submitted_link_description = $_POST[link_description];
echo htmlspecialchars($user_submitted_name);
echo htmlspecialchars($user_submitted_url);
echo htmlspecialchars($user_submitted_link_description);
?>
Q2.
Because, if the above code is not good enough for security purpose to prevent my page from breaking up due to user's submitting malicious inputs when using my form and you deem I must make use of the rawurlencode(), urlencode() and inval() when outputting user submitted links (links that prove to be dynamic urls (urls containing query parts: ?, &, =)), then we got to fix Zorg's 2nd code, if we dont want to start from scratch:
So that, when a user submits a dynamic link, something like this:
Then that url doesn't get echoed simply like this:
<i>
</i><form method = 'POST'>
<label for='find'>Name</label>
<input type='text' name='name' id='name'>
<br>
<label for='url'>Url</label>
<input type='text' name='url' id='url'>
<br>
<label for='link_'description'>Link Description</label>
<input type='text' name='link_description' id='link_description'>
<button type='submit'>Submit!</button>
</form>
<?php
$user_submitted_name = $_POST[name];
$user_submitted_url = $_POST[url];
$user_submitted_link_description = $_POST[link_description];
echo $user_submitted_name;
echo $user_submitted_url;
echo $user_submitted_link_description;
?>
But gets echoed like this (making use of rawurlencode, urlencode & intval), if that is how I REALLY should be echoing for security purpose]:
<i>
</i><form method = 'POST'>
<label for='find'>Name</label>
<input type='text' name='name' id='name'>
<br>
<label for='url'>Url</label>
<input type='text' name='url' id='url'>
<br>
<label for='link_'description'>Link Description</label>
<input type='text' name='link_description' id='link_description'>
<button type='submit'>Submit!</button>
</form>
<?php
$user_submitted_name = $_POST[name];
$user_submitted_url = $_POST[url]; //Url is: daveyerwin.com/autos/keywords=cars&model=bmw&price=50000&page=10
$user_submitted_link_description = $_POST[link_description];
echo htmlspecialchars($user_submitted_name);
echo '<br>';
$url_secured = rawurlencode(http://daveyerwin.com/autos/) .'?keywords=' .urlencode(cars) .'&model=' .urlencode(bmw) .'&price=' .intval(50000) .'&page=' .intval(10);
echo '<br>';
echo '<a href=' .htmlspecialchars($url_secured) .'>' .htmlspecialchars($url_secured) .'</a>' ;
echo '<br>';
echo htmlspecialchars($user_submitted_link_description);
?>
Is the above code ok or not ? Because, if it is ok, then we got to build the custom function that takes the user's url input, parses the url, places the rawurlencode() on the file path and the urlencode() and intval() on the query parts before echoing the input on my article page. This whole thread is about that.
We don't have to start from scratch. We can just amend Zorg's 2nd code, if you like:
I, for sure tried amending it but result is fruitless. Do you want to give it a try ? Or you got a better way of coding ? If latter, then do let us see what you have in mind.
A shorter code would be nice.
Or, we could update NogDog's code:
His code just echoes a url and no link. Plus, his code is a bit adv for me. Don;t understand a few lines. hence, I stuckup with Zorg's code as that seem a little not so hard to understand by me.
Who'se code we both should update or you want to start from scratch to see if you can better their's ? I'm curious to see how much code cut down you can throw.
Thanks!
reply?
0
@developer_webauthorJul 15.2021 — #Zorg suggested I stick to your code. But it's a bit over my head. Hence, can you fix it so no url gets echoed but a clickable link ?
Talking about this:
Btw, I thought you only urlencode() or intval() the value part of the query string in the url. But you are also urlencode() the key part of the query string. Why ?
**$query_string_parts[] = urlencode($q_key).'='.urlencode($q_value);**
I saw another tutorial doing this also. But why you do it ?
Talking about this:
reply?
0
@developer_webauthorJul 15.2021 — #Care to point out to me something ?
See below for 2 codes. Both make use of the urlencode().
But only the former's output is normal and not encoded while the latter's output is encoded. Why ? Since both are making use of the urlencode() then shouldn't both their outputs be in encoded format ?
What's the mystery, hey ?
NogDog's Code:
<i>
</i><?php
//NogDog's Code
//https://www.webdeveloper.com/d/394997-how-to-analyze-url-to-auto-add-appropriate-encoding-on-appropriate-spots/2
$url = 'http://example.com/autos/cars/list.php?state=california&max_price=50000';
echo prepare_url($url) . "n";
function prepare_url($url) {
$url_parts = parse_url($url);
if($url_parts === false or empty($url_parts['host'])) {
return false;
}
$url_out = preg_match('/^https?/i', $url_parts['scheme']) ? strtolower($url_parts['scheme']) : 'https';
$url_out .= "://{$url_parts['host']}{$url_parts['path']}";
if(!empty($url_parts['query'])) {
parse_str($url_parts['query'], $query_parts);
foreach($query_parts as $q_key => $q_value) {
$query_string_parts[] = urlencode($q_key).'='.urlencode($q_value);
}
$url_out .= '?'.implode('&', $query_string_parts);
}
return $url_out;
}
?>
Zorg's 2nd code:
<i>
</i><?php
//Zorg's 2nd code (updating NogDog's by substituting the regex). To auto add urlencode(), rawurlencode() & intval().
//https://www.webdeveloper.com/d/394997-how-to-analyze-url-to-auto-add-appropriate-encoding-on-appropriate-spots/10
function encodedUrl($url){
$query_strings_array = [];
$query_string_parts = [];
// parse URL & get query
$scheme = parse_url($url, PHP_URL_SCHEME);
$host = parse_url($url, PHP_URL_HOST);
$path = parse_url($url, PHP_URL_PATH);
$query_strings = parse_url($url, PHP_URL_QUERY);
<i> </i>// parse query into array
<i> </i>parse_str($query_strings, $query_strings_array);
<i> </i>// separate keys & values
$query_strings_keys = array_keys($query_strings_array);
$query_strings_values = array_values($query_strings_array);
// loop query
for($i = 0; $i < count($query_strings_array); $i++){
$k = urlencode($query_strings_keys[$i]);
$v = $query_strings_values[$i];
$val = is_numeric($v) ? intval($v) : urlencode($v);
<br/>
<i> </i> $query_string_parts[] = "{$k}={$val}";
}
// re-assemble URL
$encodedHostPath = rawurlencode("{$scheme}://{$host}{$path}");
return $encodedHostPath . '?' . implode('&', $query_string_parts);
}
$url1 = 'http://example.com/cat/subcat?var 1=value 1&var2=2&this other=thing&number is=13';
$url2 = 'http://example.com/autos/cars/list.php?state=california&max_price=50000';
// run urls thru function & echo
// run urls thru function & echo
echo $encoded_url1 = encodedUrl($url1); echo '<br>';
echo $encoded_url2 = encodedUrl($url2); echo '<br>';
?>
reply?
0
@developer_webauthorAug 07.2021 — #This your code:
<i>
</i>$url = 'http://example.com/autos/cars/list.php?state=california&max_price=50000';
echo prepare_url($url) . "n";
function prepare_url($url) {
$url_parts = parse_url($url);
if($url_parts === false or empty($url_parts['host'])) {
return false;
}
$url_out = preg_match('/^https?/i', $url_parts['scheme']) ? strtolower($url_parts['scheme']) : 'https';
$url_out .= "://{$url_parts['host']}{$url_parts['path']}";
if(!empty($url_parts['query'])) {
parse_str($url_parts['query'], $query_parts);
foreach($query_parts as $q_key => $q_value) {
$query_string_parts[] = urlencode($q_key).'='.urlencode($q_value);
}
$url_out .= '?'.implode('&', $query_string_parts);
}
return $url_out;
}
I don't understand this line due to the ternary thingy and so do you mind do you mind removing the ternary thing and writing it the other way so I can figure-out what you're doing here:
<i>
</i>$url_out = preg_match('/^https?/i', $url_parts['scheme']) ? strtolower($url_parts['scheme']) : 'https';
And, can you add intval() and rawurlencode() too where you added the urlencode() ?
reply?
0
@developer_webauthorAug 07.2021 — #Care to point out to me something ?
See below for 2 codes. Both make use of the urlencode().
But only the former's output is normal and not encoded while the latter's output is encoded. Why ? Since both are making use of the urlencode() then shouldn't both their outputs be in encoded format ?
What's the mystery, hey ?
NogDog's Code:
<i>
</i><?php
//NogDog's Code
//https://www.webdeveloper.com/d/394997-how-to-analyze-url-to-auto-add-appropriate-encoding-on-appropriate-spots/2
$url = 'http://example.com/autos/cars/list.php?state=california&max_price=50000';
echo prepare_url($url) . "n";
function prepare_url($url) {
$url_parts = parse_url($url);
if($url_parts === false or empty($url_parts['host'])) {
return false;
}
$url_out = preg_match('/^https?/i', $url_parts['scheme']) ? strtolower($url_parts['scheme']) : 'https';
$url_out .= "://{$url_parts['host']}{$url_parts['path']}";
if(!empty($url_parts['query'])) {
parse_str($url_parts['query'], $query_parts);
foreach($query_parts as $q_key => $q_value) {
$query_string_parts[] = urlencode($q_key).'='.urlencode($q_value);
}
$url_out .= '?'.implode('&', $query_string_parts);
}
return $url_out;
}
?>
Zorg's 2nd code:
<i>
</i><?php
//Zorg's 2nd code (updating NogDog's by substituting the regex). To auto add urlencode(), rawurlencode() & intval().
//https://www.webdeveloper.com/d/394997-how-to-analyze-url-to-auto-add-appropriate-encoding-on-appropriate-spots/10
function encodedUrl($url){
$query_strings_array = [];
$query_string_parts = [];
// parse URL & get query
$scheme = parse_url($url, PHP_URL_SCHEME);
$host = parse_url($url, PHP_URL_HOST);
$path = parse_url($url, PHP_URL_PATH);
$query_strings = parse_url($url, PHP_URL_QUERY);
<i> </i>// parse query into array
<i> </i>parse_str($query_strings, $query_strings_array);
<i> </i>// separate keys & values
$query_strings_keys = array_keys($query_strings_array);
$query_strings_values = array_values($query_strings_array);
// loop query
for($i = 0; $i < count($query_strings_array); $i++){
$k = urlencode($query_strings_keys[$i]);
$v = $query_strings_values[$i];
$val = is_numeric($v) ? intval($v) : urlencode($v);
<br/>
<i> </i> $query_string_parts[] = "{$k}={$val}";
}
// re-assemble URL
$encodedHostPath = rawurlencode("{$scheme}://{$host}{$path}");
return $encodedHostPath . '?' . implode('&', $query_string_parts);
}
$url1 = 'http://example.com/cat/subcat?var 1=value 1&var2=2&this other=thing&number is=13';
$url2 = 'http://example.com/autos/cars/list.php?state=california&max_price=50000';
// run urls thru function & echo
// run urls thru function & echo
echo $encoded_url1 = encodedUrl($url1); echo '<br>';
echo $encoded_url2 = encodedUrl($url2); echo '<br>';
?>
reply?
0
@developer_webauthorAug 07.2021 — #This your code:
<i>
</i>$url = 'http://example.com/autos/cars/list.php?state=california&max_price=50000';
echo prepare_url($url) . "n";
function prepare_url($url) {
$url_parts = parse_url($url);
if($url_parts === false or empty($url_parts['host'])) {
return false;
}
$url_out = preg_match('/^https?/i', $url_parts['scheme']) ? strtolower($url_parts['scheme']) : 'https';
$url_out .= "://{$url_parts['host']}{$url_parts['path']}";
if(!empty($url_parts['query'])) {
parse_str($url_parts['query'], $query_parts);
foreach($query_parts as $q_key => $q_value) {
$query_string_parts[] = urlencode($q_key).'='.urlencode($q_value);
}
$url_out .= '?'.implode('&', $query_string_parts);
}
return $url_out;
}
I don't understand this line due to the ternary thingy and so do you mind do you mind removing the ternary thing and writing it the other way so I can figure-out what you're doing here:
<i>
</i>$url_out = preg_match('/^https?/i', $url_parts['scheme']) ? strtolower($url_parts['scheme']) : 'https';
And, can you add intval() and rawurlencode() too where you added the urlencode() ?
reply?
0
@developer_webauthorAug 07.2021 — #This your code:
<i>
</i>$url = 'http://example.com/autos/cars/list.php?state=california&max_price=50000';
echo prepare_url($url) . "n";
function prepare_url($url) {
$url_parts = parse_url($url);
if($url_parts === false or empty($url_parts['host'])) {
return false;
}
$url_out = preg_match('/^https?/i', $url_parts['scheme']) ? strtolower($url_parts['scheme']) : 'https';
$url_out .= "://{$url_parts['host']}{$url_parts['path']}";
if(!empty($url_parts['query'])) {
parse_str($url_parts['query'], $query_parts);
foreach($query_parts as $q_key => $q_value) {
$query_string_parts[] = urlencode($q_key).'='.urlencode($q_value);
}
$url_out .= '?'.implode('&', $query_string_parts);
}
return $url_out;
}
I don't understand this line due to the ternary thingy and so do you mind do you mind removing the ternary thing and writing it the other way so I can figure-out what you're doing here:
<i>
</i>$url_out = preg_match('/^https?/i', $url_parts['scheme']) ? strtolower($url_parts['scheme']) : 'https';
And, can you add intval() and rawurlencode() too where you added the urlencode() ?
reply?
0
@developer_webauthorAug 07.2021 — #Care to point out to me something ?
See below for 2 codes. Both make use of the urlencode().
But only the former's output is normal and not encoded while the latter's output is encoded. Why ? Since both are making use of the urlencode() then shouldn't both their outputs be in encoded format ?
What's the mystery, hey ?
NogDog's Code:
<i>
</i><?php
//NogDog's Code
//https://www.webdeveloper.com/d/394997-how-to-analyze-url-to-auto-add-appropriate-encoding-on-appropriate-spots/2
$url = 'http://example.com/autos/cars/list.php?state=california&max_price=50000';
echo prepare_url($url) . "n";
function prepare_url($url) {
$url_parts = parse_url($url);
if($url_parts === false or empty($url_parts['host'])) {
return false;
}
$url_out = preg_match('/^https?/i', $url_parts['scheme']) ? strtolower($url_parts['scheme']) : 'https';
$url_out .= "://{$url_parts['host']}{$url_parts['path']}";
if(!empty($url_parts['query'])) {
parse_str($url_parts['query'], $query_parts);
foreach($query_parts as $q_key => $q_value) {
$query_string_parts[] = urlencode($q_key).'='.urlencode($q_value);
}
$url_out .= '?'.implode('&', $query_string_parts);
}
return $url_out;
}
?>
Zorg's 2nd code:
<i>
</i><?php
//Zorg's 2nd code (updating NogDog's by substituting the regex). To auto add urlencode(), rawurlencode() & intval().
//https://www.webdeveloper.com/d/394997-how-to-analyze-url-to-auto-add-appropriate-encoding-on-appropriate-spots/10
function encodedUrl($url){
$query_strings_array = [];
$query_string_parts = [];
// parse URL & get query
$scheme = parse_url($url, PHP_URL_SCHEME);
$host = parse_url($url, PHP_URL_HOST);
$path = parse_url($url, PHP_URL_PATH);
$query_strings = parse_url($url, PHP_URL_QUERY);
// parse query into array
parse_str($query_strings, $query_strings_array);
// separate keys & values
$query_strings_keys = array_keys($query_strings_array);
$query_strings_values = array_values($query_strings_array);
// loop query
for($i = 0; $i < count($query_strings_array); $i++){
$k = urlencode($query_strings_keys[$i]);
$v = $query_strings_values[$i];
$val = is_numeric($v) ? intval($v) : urlencode($v);
<br/>
$query_string_parts[] = "{$k}={$val}";
}
// re-assemble URL
$encodedHostPath = rawurlencode("{$scheme}://{$host}{$path}");
return $encodedHostPath . '?' . implode('&', $query_string_parts);
}
$url1 = 'http://example.com/cat/subcat?var 1=value 1&var2=2&this other=thing&number is=13';
$url2 = 'http://example.com/autos/cars/list.php?state=california&max_price=50000';
// run urls thru function & echo
// run urls thru function & echo
echo $encoded_url1 = encodedUrl($url1); echo '<br>';
echo $encoded_url2 = encodedUrl($url2); echo '<br>';
?>
reply?
0
@developer_webauthorAug 07.2021 — #Care top chime in on my previous post, if you know anything about urlencode() ?
reply?
0
@NogDogAug 07.2021 — #>@developer_web#1635248 And, can you add intval() and rawurlencode() too where you added the urlencode() ?
Why do you think you need to do that?
reply?
0
@developer_webauthorAug 07.2021 — #**Reserved URL characters
! # $ % & ' ( ) * + , / : ; = ? @ [ ]
If any of these characters are used in a URL, they could prevent it from working correctly. Therefore they must be encoded (i.e. "transformed") so they don't interfere with the function of the URL. This is crucial when we are using PHP to output dynamic values to be used in URLs, such as in the query string.**
In short NogDog, when user's submit their urls on my commenting section on my blog (blog php script that I am building) or when users submit their urls on my searchengine, they will submit urls with a variety of formats. Let's say their urls contain reserved chars. Then that would mess things up.
Now the question is: Why do urls contain these reserved chars in the first-place ? You tell me that NogDog.
As for me, I can think of one thing. They may submit a dynamic link like so:
nogdog.com/?search=dog+food
Now, if I echo like this on my page:
As you can see, the "?" on your url part or the 2nd "?" on the above link would be considered invalid by the browser. Clicking:
Would not take you to:
mysite.com/tracker.php?
then redirected to:
That is one example I can think of.
Now your turn to wise me up and show me further examples how a url can breakup and how urlencode() saves us here. Remember, the more examples you show me the more I get out of the ignorant dark. I will wait for some examples from your end.
reply?
0
@developer_webauthorAug 07.2021 — #It is you NogDog, who introduced me to urlencode() and intval() while I was building my pagination php script last year. Let me see if I can find those threads. I then researched on them and came across rawurlencode(). Hence, fiddling with these 3 and the htmlentities() and the htmlspecialchars(). Using all these 5 functions just to echo user submitted links on my blog or searchengine. That's all the fuss. Confused right now, when to use which function. Going back & forth for weeks now!
reply?
0
@developer_webauthorAug 07.2021 — #Maybe one reason is for what you answered here:
EDIT:
Maybe another reason is for what you answered here:
reply?
0
@developer_webauthorAug 18.2021 — #I answered your question. What can you input this way now ?
reply?
0
@developer_webauthorSep 23.2021 — #Zorg,I updated your code.
This is your code:
<?php
//Zorg's 2nd code (updating NogDog's by substituting the regex). To auto add urlencode(), rawurlencode() & intval().
//https://www.webdeveloper.com/d/394997-how-to-analyze-url-to-auto-add-appropriate-encoding-on-appropriate-spots/10
function encodedUrl($url){
$query_strings_array = [];
$query_string_parts = [];
// parse URL & get query
$scheme = parse_url($url, PHP_URL_SCHEME);
$host = parse_url($url, PHP_URL_HOST);
$path = parse_url($url, PHP_URL_PATH);
$query_strings = parse_url($url, PHP_URL_QUERY);
// parse query into array
parse_str($query_strings, $query_strings_array);
// separate keys & values
$query_strings_keys = array_keys($query_strings_array);
$query_strings_values = array_values($query_strings_array);
// loop query
for($i = 0; $i < count($query_strings_array); $i++){
$k = urlencode($query_strings_keys[$i]);
$v = $query_strings_values[$i];
$val = is_numeric($v) ? intval($v) : urlencode($v);
$query_string_parts[] = "{$k}={$val}";
}
// re-assemble URL
$encodedHostPath = rawurlencode("{$scheme}://{$host}{$path}");
return $encodedHostPath . '?' . implode('&', $query_string_parts);
}
$url1 = 'http://example.com/cat/subcat?var 1=value 1&var2=2&this other=thing&number is=13';
$url2 = 'http://example.com/autos/cars/list.php?state=california&max_price=50000';
// run urls thru function & echo
// run urls thru function & echo
echo $encoded_url1 = encodedUrl($url1); echo '<br>';
echo $encoded_url2 = encodedUrl($url2); echo '<br>';
?>
It was outputting like this:
http%3A%2F%2Fexample.com%2Fcat%2Fsubcat?var_1=value+1&var2=2&this_other=thing&number_is=13
http%3A%2F%2Fexample.com%2Fautos%2Fcars%2Flist.php?state=california&max_price=50000
So, I changed this of your's:
<i>
</i>$encodedHostPath = rawurlencode("{$scheme}://{$host}{$path}");
to this:
<i>
</i>$encodedHostPath = rawurlencode("{$scheme}").'://'.rawurlencode("{$host}").$path;
And it seems to be working. As it's outputting:
But I am not sure if I put the raw_urlencode() in the right places or not and so best you check.
Did I put it in the right place ? Also, should not the $path be inside raw_urlencode like so ? raw_urlencode($path) ? However raw_urlencode($path) doesn't output right.
reply?
0
@developer_webauthorSep 26.2021 — #I fixed NogDog's code too:
reply?