• Status: Solved
  • Priority: Medium
  • Security: Public
  • Views: 312
  • Last Modified:

How do I strip out bad characters from my Web Service client?

I have written a web service client in drupal that is functioning well. There are however some data issues on the backend which prevents certain methods from working. Is there a way to strip bad characters out on the client using a php function - even if I am unsure what those bad characters are? Any help is greatly appreciated!
$AcadPlan = $_REQUEST['AcadPlan'];
$data = xmlrpc('https://url/XmlRpcServer', 'eAdvisorDSFind.findDegreeByAcadPlanMapArray', (string) $AcadPlan);
foreach($data as $degree)
echo "<div class='degreetitle'>";
echo "$degree[Descr100] ($degree[Degree])<br/></div>";
echo "<div class='collegetitle'>$degree[DiplomaDescr]</div>";
echo "<h3>Major Description</h3> $degree[DescrlongExtns]";
echo "<h3>Career Opportunities</h3> $degree[AsuCareerOpp]";
echo "<h3>Contact Information</h3> $degree[AsuOfficeLoc]  $degree[Phone]
 <a href='mailto:
     ' >$degree[EmailAddr]</a>";
echo "<h3>Course Plan</h3> <a href=$degree[ASUCritTrackUrl]>Major Map</a>";
echo "&nbsp;|&nbsp; <a href='http://www.asu.edu/programs/majormaps/'>Archive</a>";
 } else {
?></p> <table width="100%">     <tbody>         <tr bgcolor="#f0d6b2">             <td width="65%"><strong>Program</strong></td>             <td width="15%"><strong>Degree</strong></td>             <td width="20%"><strong>Course Plan</strong></td>             <?
$data = xmlrpc('https://url/XmlRpcServer', 'eAdvisorDSFind.findDegreeByCollegeAndProgram', 'CTS','undergrad');
  'return strcmp($a["Descr100"],$b["Descr100"]);'));
foreach($data as $degree)
echo"<tr bgcolor='#FBFBF3'><td width='65%'>";
echo"<a href='http://provost-test.asu.edu/testdump&AcadPlan=$degree[AcadPlan]'> $degree[Descr100] </a>";
echo"</td><td width='15%'>";
 echo"</td><td width='20%'>";
 echo" <a href='$degree[AsuCritTrackUrl]' >Major Map </a>";
?>         </tr>     </tbody> </table>

Open in new window

  • 2
  • 2
  • 2
3 Solutions
Roger BaklundCommented:
>> Is there a way to strip bad characters out on the client using a php function - even if I am unsure what those bad characters are?

Yes, but only if you know which characters are NOT bad.
I agree with CXR; you need to be more specific as to what you define as characters that are bad.  If you are trying to remove HTML, then you would want to use the strip_tags function.  See code snippet.  If you are trying to remove specific characters embedded in a string then your best tool would be RegEx (Regular Expressions),; but with RegEx you would need to specify what characters to replace or remove.
$string = "<br><br><div>Hello</div>";
$strippedstring = strip_tags($string);

Open in new window

SashaIsaacAuthor Commented:
Maybe I will try the approach mentioned by cxr - and only allow certain characters. The problems is they can't say what data is bad - just if they retype the info by hand the errors stop.

Modern healthcare requires a modern cloud. View this brief video to understand how the Concerto Cloud for Healthcare can help your organization.

Roger BaklundCommented:
If you post some examples of good and bad requests, maybe we can spot some "suspects".

You could try using urlencode().
I am not convinced that urlencode would do what he is looking for since that function is designed specifically to encrypt a querystring variable being sent to another page.

Where $str is the string or variable to encode.

Rather, the code snippet below is an example of using RegEx to remove Symbols from code.  I did not personally write this code but I have used pieces of it in functions I have wrote in the past.  I hope it helps.

 * Strip symbols from text.
function strip_symbols( $text )
    $plus   = '\+\x{FE62}\x{FF0B}\x{208A}\x{207A}';
    $minus  = '\x{2012}\x{208B}\x{207B}';
    $units  = '\\x{00B0}\x{2103}\x{2109}\\x{23CD}';
    $units .= '\\x{32CC}-\\x{32CE}';
    $units .= '\\x{3300}-\\x{3357}';
    $units .= '\\x{3371}-\\x{33DF}';
    $units .= '\\x{33FF}';
    $ideo   = '\\x{2E80}-\\x{2EF3}';
    $ideo  .= '\\x{2F00}-\\x{2FD5}';
    $ideo  .= '\\x{2FF0}-\\x{2FFB}';
    $ideo  .= '\\x{3037}-\\x{303F}';
    $ideo  .= '\\x{3190}-\\x{319F}';
    $ideo  .= '\\x{31C0}-\\x{31CF}';
    $ideo  .= '\\x{32C0}-\\x{32CB}';
    $ideo  .= '\\x{3358}-\\x{3370}';
    $ideo  .= '\\x{33E0}-\\x{33FE}';
    $ideo  .= '\\x{A490}-\\x{A4C6}';
    return preg_replace(
        // Remove modifier and private use symbols.
        // Remove mathematics symbols except + - = ~ and fraction slash
            '/\p{Sm}(?<![' . $plus . $minus . '=~\x{2044}])/u',
        // Remove + - if space before, no number or currency after
            '/((?<= )|^)[' . $plus . $minus . ']+((?![\p{N}\p{Sc}])|$)/u',
        // Remove = if space before
            '/((?<= )|^)=+/u',
        // Remove + - = ~ if space after
            '/[' . $plus . $minus . '=~]+((?= )|$)/u',
        // Remove other symbols except units and ideograph parts
            '/\p{So}(?<![' . $units . $ideo . '])/u',
        // Remove consecutive white space
            '/ +/',
        ' ',
        $text );

Open in new window

SashaIsaacAuthor Commented:
These were all great solutions - I figured out it was a problem with the drupal core xmlrpc.inc file with some help from the IT folks here. So we hacked the drupal core. Not ideal but it works!

Featured Post

Concerto Cloud for Software Providers & ISVs

Can Concerto Cloud Services help you focus on evolving your application offerings, while delivering the best cloud experience to your customers? From DevOps to revenue models and customer support, the answer is yes!

Learn how Concerto can help you.

  • 2
  • 2
  • 2
Tackle projects and never again get stuck behind a technical roadblock.
Join Now