Problems with $_GET

**Richard Levasseur** · Mar 8 '06, 07:15 PM

Re: Problems with $_GET

One rule of web development is you cannot rely on the GET/POST data at
all as the client can forge it very very easiy. You shoul do some data
checking and error handling to prevent this.

If you are trying to pass multiple values for the same parameter name,
append [] to them and they will come in as an array.
ie: ?asdf[]=foo&asdf[]=bar

You can try parse_url(), but that is probably what php uses to parse
$_GET anyways, so you'd have to write your own function to parse it and
take the first value and ignore the subsequent values.

**Andy Jeffries** · Mar 8 '06, 10:55 PM

Re: Problems with $_GET

Tim Streater wrote:[color=blue]
> I have a page which I enter thusly:
>
> http://my.domain/mypage.phtml?absid=...age=somestring
>
> and inside mypage.phtml I do this:
>
> $absid = $_GET["absid"];
>
> Unfortunately, and I can't easily fix this in the short term, my
> "somestring " may contain "absid=456" .[/color]

It shouldn't do, it should contain "absid%3D45 6" i.e. the = within the
parameter should be urlencoded. If you're generating that url you
should wrap the parameter in urlencode().

This would then enable PHP to correctly parse each parameter.

Cheers,

Andy

**Tim Streater** · Mar 9 '06, 01:25 PM

Re: Problems with $_GET

In article <baJPf.34670$x9 6.30736@fe02.ne ws.easynews.com >,
Andy Jeffries <news@andyjeffr ies.co.uk> wrote:
[color=blue]
> Tim Streater wrote:[color=green]
> > I have a page which I enter thusly:
> >
> > http://my.domain/mypage.phtml?absid=...age=somestring
> >
> > and inside mypage.phtml I do this:
> >
> > $absid = $_GET["absid"];
> >
> > Unfortunately, and I can't easily fix this in the short term, my
> > "somestring " may contain "absid=456" .[/color]
>
> It shouldn't do, it should contain "absid%3D45 6" i.e. the = within the
> parameter should be urlencoded. If you're generating that url you
> should wrap the parameter in urlencode().[/color]

Thanks, this was the correct pointer. When I came to look at my code
again I remembered that most of this work was being done in JavaScript
but the principle is the same - I added an escape call and all is now
fine.

Thanks!

-- tim

**Andy Jeffries** · Mar 9 '06, 01:35 PM

Re: Problems with $_GET

On Thu, 09 Mar 2006 13:15:07 +0000, Tim Streater wrote:[color=blue][color=green]
>> It shouldn't do, it should contain "absid%3D45 6" i.e. the = within the
>> parameter should be urlencoded. If you're generating that url you
>> should wrap the parameter in urlencode().[/color]
>
> Thanks, this was the correct pointer. When I came to look at my code again
> I remembered that most of this work was being done in JavaScript but the
> principle is the same - I added an escape call and all is now fine.[/color]

No worries mate.

Cheers,

Andy

--
Andy Jeffries MBCS CITP ZCE | gPHPEdit Lead Developer
http://www.gphpedit.org | PHP editor for Gnome 2
http://www.andyjeffries.co.uk | Personal site and photos

Problems with $_GET

Problems with $_GET

Comment

Comment

Comment

Comment