?
Solved

URL POST parameters syntax question

Posted on 2007-11-30
11
Medium Priority
?
2,142 Views
Last Modified: 2010-04-21
I send out emails with URLs to my clients' invoices, of the form
domain.com/invoice.php?i=123&k=456
(where k is a sort of password key)
out of several hundred clients, only one has reported a problem.
it seems that his mailreader (on a mac) is making (and displaying) the link to show
the ampersand &   as the html character code   &

and thus what he sees and clicks on is

domain.com/invoice.php?i=123&k=456

my question is:   is there a way to be fault tolerant on my end, and accept either format
for the "k"  parameters,   i.e., have the parameter literally named
amp;k

or somehow access the URL used and parse it manually (without using the benefit of $_POST )
since it does successfully open my PHP page, but the k parameter is blank

p.s.   i could just combine into one parameter, but there are other constraints and pages that i'd have to change;   thus exploring   if there's a trick that would be easier to implement

0
Comment
Question by:willsherwood
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 4
  • 4
  • 2
  • +1
11 Comments
 
LVL 17

Expert Comment

by:nplib
ID: 20383599
to retrieve the values from this url
domain.com/invoice.php?i=123&k=456
you have to use $_GET not POST
or to make it universal use $_RESULTS then it works with both get and post.
0
 

Author Comment

by:willsherwood
ID: 20383781
yes of course, that URL works fine.

but as explained, the semicolon gets in the way, which is my question.

sorry if i wasn't clear
0
 
LVL 17

Expert Comment

by:nplib
ID: 20383803
no, you need to fix it so it doens't display it as &

post the code that creates the link.
0
Technology Partners: We Want Your Opinion!

We value your feedback.

Take our survey and automatically be enter to win anyone of the following:
Yeti Cooler, Amazon eGift Card, and Movie eGift Card!

 

Author Comment

by:willsherwood
ID: 20383869
sorry i wasn't clear.
for some 500 clients it appears and functions correctly.
for one (only) client,
his email reader on a mac is somehow set to show the html code somehow.
i'm wanting to be fault tolerant for a case like that.

thus i'm specifically seeking the answer to the question:
can the variable name include ";"
or another work-around would be to
read the URL as entered and manually parse it.
0
 
LVL 17

Expert Comment

by:nplib
ID: 20383900
yeah, but the ; will always break it.
even if you were to try something like
if (!$_GET['k']) {
    $value = $_GET['amp;'];
} else {
   $value = $_GET['k'];
}

the ; will cause all kinds of troubles, best bet if to fix it at the source.
0
 

Author Comment

by:willsherwood
ID: 20383986
so there's no way to retrieve the URL that was used and parse it?
0
 
LVL 17

Assisted Solution

by:nplib
nplib earned 600 total points
ID: 20384001
not if it shows up like that.
but it should be to hard to fix the problem at the source, just post the code and lets have a look see.
0
 
LVL 54

Accepted Solution

by:
b0lsc0tt earned 1000 total points
ID: 20384124
willsherwood,

You would have to get the complete querystring and process it manually.  Since the html entity & uses the ampersand character it causes a problem when you try to "read" it from the URL.  That is a reserved character.  The best fix would be to figure out if there is a way to prevent that one email client from messing it up. :)

To have PHP get the complete querystring try ...

$_SERVER["QUERY_STRING"]

Let me know if you have any questions or need more information.

b0lsc0tt
0
 
LVL 51

Assisted Solution

by:Steve Bink
Steve Bink earned 400 total points
ID: 20386208
In PHP, you could go through the entire querystring and replace any instance of "&" with "&".  That would resolve the problem in this specific instance, but it would also mean you could not use "&" in any part of the querystring as actual data.
0
 

Author Closing Comment

by:willsherwood
ID: 31411965
thanks to all!
QUERY_STRING was the key
0
 
LVL 54

Expert Comment

by:b0lsc0tt
ID: 20445776
Your welcome!  I'm glad I could help.  This was an interesting question.  Thanks for it and the grade and points.

bol
0

Featured Post

Free Tool: ZipGrep

ZipGrep is a utility that can list and search zip (.war, .ear, .jar, etc) archives for text patterns, without the need to extract the archive's contents.

One of a set of tools we're offering as a way to say thank you for being a part of the community.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Password hashing is better than message digests or encryption, and you should be using it instead of message digests or encryption.  Find out why and how in this article, which supplements the original article on PHP Client Registration, Login, Logo‚Ķ
Many old projects have bad code, but the budget doesn't exist to rewrite the codebase. You can update this code to be safer by introducing contemporary input validation, sanitation, and safer database queries.
The viewer will learn how to dynamically set the form action using jQuery.
This tutorial will teach you the core code needed to finalize the addition of a watermark to your image. The viewer will use a small PHP class to learn and create a watermark.
Suggested Courses

762 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question