Want to protect your cyber security and still get fast solutions? Ask a secure question today.Go Premium

x
  • Status: Solved
  • Priority: Medium
  • Security: Public
  • Views: 318
  • Last Modified:

Display Special characters on web page (-- PHP)

Hello,
  I have  some data in a database that I trying display on Webpage but I am having some  issues with postback.

Table data

Index|CID|PH|Devicename
1|/+@<`|561| P1
2|123|561923|P2

To display the data on the page I used the urlencode($row["$this->CID"]).

The page is display ok with a hyperlink.
     $value = "<a href=$myroot/display/CID/$cid/top/$top/StartDate/$sd/sys/" . $this->sys . ">$value</a>";
 echo "<td>$value</td>\n";

When I click on the CID link I get "page cannot be found" for the entry with the special characters

This is the URL after the encoding
https://myserver/public/index.php/index/display/CID/%2F%3C%2F%3E%2B%40%3C%60/top/1/StartDate/2012-02-26/sys/sys1

It does not get to the postback page..

Thanks for the help
0
SiemensSEN
Asked:
SiemensSEN
  • 4
  • 2
  • 2
2 Solutions
 
Ray PaseurCommented:
urlencode() is typically used to encode the values passed to URLs but not the string inside the address portion of the URL.  Have you got this online somewhere that we can see it in action?
0
 
SiemensSENAuthor Commented:
Sorry . No access from the outside

I am attaching a screen print

Screen print - This is part of teh screen displayed to the user

The URL-<a ref> for the first entry is

https://myserver/public/index.php/index/display/CID/b8899d01cb5062e6/top/OSS/StartDate/2012-03-04/sys/BocaFT5

URL for the second entry (with the special characters is)

https://myserver/public/index.php/index/display/CID/%2F%26lt%3B%2F%26gt%3B%2B%40%26lt%3B%60/top/OSS/StartDate/2012-03-04/sys/BocaFT5

Clicking on first entry OK
Clicking on second entry -- page cannot be found
Link.jpg
0
 
Ray PaseurCommented:
Do you actually have a URL with that name, containing the special characters?  I think a better design might be to rely on a key (perhaps the Index column) to locate the data you want to display.
0
Concerto Cloud for Software Providers & ISVs

Can Concerto Cloud Services help you focus on evolving your application offerings, while delivering the best cloud experience to your customers? From DevOps to revenue models and customer support, the answer is yes!

Learn how Concerto can help you.

 
SiemensSENAuthor Commented:
Thanks.
No I do not  have a URL with the special character. I use the urlencode(cid) when I display the page. So, it translate the '/+@<`' to %2F%26lt%3B%2F%26gt%3B%2B%40%26lt%3B%60
0
 
dmgroomCommented:
I see you are linking to https://myserver/public/index.php/index/display/CID/%2F%26lt%3B%2F%26gt%3B%2B%40%26lt%3B%60/top/OSS/StartDate/2012-03-04/sys/BocaFT5

So does the script https://myserver/public/index.php contain code which decodes the rest of the URL string and then performs some action?

If so, is the code which handles this working correctly, do you urldecode the data before doing whatever else you do to it?
0
 
SiemensSENAuthor Commented:
Thanks,
  The problem is ... it never get to the postback page (controller) for me to decode the information.

When I click the first link  I can capture the argument. however, the second link(with the special characters) does not get to the postback page . It seem to die at the webserver level..
0
 
dmgroomCommented:
are you are to replace the "/" after php with a "?" so
https://myserver/public/index.php/index/display/CID/%2F%26lt%3B%2F%26gt%3B%2B%40%26lt%3B%60/top/OSS/StartDate/2012-03-04/sys/BocaFT5

becomes

https://myserver/public/index.php?index/display/CID/%2F%26lt%3B%2F%26gt%3B%2B%40%26lt%3B%60/top/OSS/StartDate/2012-03-04/sys/BocaFT5 

But if I'm totally honest I really dislike the whole URL you are trying to use.  I suppose its too simple to suggest that you dont allow these special characters in the CID field
0
 
SiemensSENAuthor Commented:
replace the "/" with & works.  Do you know why the "/" would not work?

The CID field is used as a key to find other information.  It is a value generated by a device.

I agree with you and will used the index as the key look up.

Thanks for your help
0

Featured Post

VIDEO: THE CONCERTO CLOUD FOR HEALTHCARE

Modern healthcare requires a modern cloud. View this brief video to understand how the Concerto Cloud for Healthcare can help your organization.

  • 4
  • 2
  • 2
Tackle projects and never again get stuck behind a technical roadblock.
Join Now