How to pass Chinese characters to URLs in php. special dangerous characters _ PHP Tutorial

Source: Internet
Author: User
In php, the url is used to pass Chinese characters, which is a solution to special dangerous characters. We need to pass Chinese characters or other special characters such as html in the url. it seems that there will always be various chaos, and different browsers will encode them differently. for Chinese, in general, we need to pass Chinese characters or other special characters such as html in the url. it seems that there will always be various chaos, and different browsers have different codes for them,

For Chinese, the general practice is:

Before passing these text strings to the url, perform urlencode ($ text) first;

However, for some "dangerous" characters, such as html characters or even SQL injection-related characters, if it is clearly passed to the system, for security reasons, the system usually filters them out.

Now, we need these dangerous characters. what should we do?

The solution I have come up with is to encode them with base64_encode ($ text) and decode them with base64_decode ($ text) on the server,

It looks perfect, but there is another problem in the use process. The base64_encode encoded string contains characters such as "/", "+", "=,


The base64_encode () function transmits the user's opinion (a small amount of content) in the url. when the user submits (post submits), an array is provided. therefore, I use the bse64_encode () function to encrypt my opinion. when I jump to the processing page, I receive the data again with get, and the encrypted data on both sides is incorrect. a + character is missing.

Encryption submitted by users:

TPK9tNPNyKUsuse6xyYjNDY7JiM0NjsufMavwcEhfMyrxq/BwcHLLMjDztLO3tPvLNXmz + vI69ehsKEhfHw =


On the processing page, use get to receive the following:

TPK9tNPNyKUsuse6xyYjNDY7JiM0NjsufMavwcEhfMyrxq/BwcHLLMjDztLO3tPvLNXmz vI69ehsKEhfHw =

If a plus sign is missing from the comparison, I don't know why it is exported. (maybe it is get, or the + character may not be available !). Please give me some advice.

These characters are special characters in url encoding. for example, "+" indicates "space", but different browsers have different codes for "space, some are represented by "+" and some are represented by "20%". that is to say, when these base64_encode encoded strings are passed in the url and browsed in different browsers, the value obtained by the server is different.

As a result, I thought of a compromise. I first replaced these base64 encoded special characters, and then replaced them on the server:


Solution:

1. when the user submits the encrypted string, I replace the + character with another character. for example, str_replace ('+', '_', $ content );
2. switch again on the processing page: for example, str_replace ('_', '+', $ content );

The code is as follows:


Function base_encode ($ str ){
$ Src = array ("/", "+", "= ");
$ Dist = array ("_ a", "_ B", "_ c ");
$ Old = base64_encode ($ str );
$ New = str_replace ($ src, $ dist, $ old );
Return $ new;
}

Function base_decode ($ str ){
$ Src = array ("_ a", "_ B", "_ c ");
$ Dist = array ("/", "+", "= ");
$ Old = str_replace ($ src, $ dist, $ str );
$ New = base64_decode ($ old );
Return $ new;
}


The following figure shows the effect in the browser.

XOO6w6Osuf65_aiy_atL_b00Ke5_b8jnus6ho6GjoaM_c

The urldecode instance method is simple.

Urldecode (string $ str)
Decodes any % # in the encoded string ##. Returns the decoded string.

Example #1 urldecode () Example

The code is as follows:


$ A = explode ('&', $ QUERY_STRING );
$ I = 0;
While ($ I <count ($ )){
$ B = split ('=', $ a [$ I]);
Echo 'Value for parameter ', htmlspecialchars (urldecode ($ B [0]),
'Is, htmlspecialchars (urldecode ($ B [1]),"
";
$ I ++;
}
?>

Pipeline, for Chinese, generally do...

Contact Us

The content source of this page is from Internet, which doesn't represent Alibaba Cloud's opinion; products and services mentioned on that page don't have any relationship with Alibaba Cloud. If the content of the page makes you feel confusing, please write us an email, we will handle the problem within 5 days after receiving your email.

If you find any instances of plagiarism from the community, please send an email to: info-contact@alibabacloud.com and provide relevant evidence. A staff member will contact you within 5 working days.

A Free Trial That Lets You Build Big!

Start building with 50+ products and up to 12 months usage for Elastic Compute Service

  • Sales Support

    1 on 1 presale consultation

  • After-Sales Support

    24/7 Technical Support 6 Free Tickets per Quarter Faster Response

  • Alibaba Cloud offers highly flexible support services tailored to meet your exact needs.