CodeIgniter Forums
specific controllers allowing query strings - Printable Version

+- CodeIgniter Forums (https://forum.codeigniter.com)
+-- Forum: Archived Discussions (https://forum.codeigniter.com/forum-20.html)
+--- Forum: Archived General Discussion (https://forum.codeigniter.com/forum-21.html)
+--- Thread: specific controllers allowing query strings (/thread-16525.html)

Pages: 1 2 3 4


specific controllers allowing query strings - El Forum - 03-09-2009

[eluser]Yorkshire Pudding[/eluser]
Hi, does anybody know a way of allowing query strings to be used in specific controller? Is there a way of using wildcards / reg expression explained in docs(URI routing) to be able to grab the variable and route it through to my controller without having to enable query strings across the board?

basically our payment gateway sends our customers back to a success or failure page and attaches a get value with details of the transaction.

e.g. http:/mysite/index.php/home/order_success?crypt=DycAHF1HGiA1WRU9

I know i could set up a subfolder outside of CI but i wouldn't have the use of all my models which just means i'd have to write it all out again in vanilla PHP.

Thanks


specific controllers allowing query strings - El Forum - 03-09-2009

[eluser]drewbee[/eluser]
I can't remember if the stock htaccess can tell the difference between actual files, and files that do not exist but get routed through the CI controller.

Currently any file that does literally exist does not get processing through CI for me. I had this situation come up with paypal and did something to the tea of:

/paypal.php
Code:
header("Location: /paypal/process_transaction/" . $_GET['crypt']);

That is a down and dirty sample of what I did, as I didn't do any data cleansing, but I hope you get the idea.

Also if anyone else has a better way, let me know. Two http requests are going to happen for each transaction this way.

you would simply post the transaction to example.com/paypal.php?crypt=df908as7dfd

edit:

I actually created a directory at the root called 'bootstraps' and this is where I place these type of situation files.


specific controllers allowing query strings - El Forum - 03-10-2009

[eluser]Yorkshire Pudding[/eluser]
Thanks for the reply.

This seems like a good solution to the problem for now. Will implement that and see if I can come up with another way of getting round it.


specific controllers allowing query strings - El Forum - 03-10-2009

[eluser]xwero[/eluser]
A hackish solution is to define a MY_GET constant in the constants.php file the fetches the GET values
Code:
define('MY_GET',$_GET)
Then is doesn't matter what your settings are.


specific controllers allowing query strings - El Forum - 03-10-2009

[eluser]Yorkshire Pudding[/eluser]
Hi, thanks for reply. I get this message using this method.

Warning: Constants may only evaluate to scalar values in C:\wamp\www\mysite.co.uk\system\application\config\constants.php on line 4

I don't know the inner workings of CI, so don't really understand this solution.


specific controllers allowing query strings - El Forum - 03-10-2009

[eluser]pistolPete[/eluser]
Quote:Warning: Constants may only evaluate to scalar values

Have a look at http://php.net/define:
Quote:The value of the constant; only scalar and null values are allowed. Scalar values are integer, float, string or boolean values.

In order to use an array constant you'd have to serialize it.


specific controllers allowing query strings - El Forum - 03-10-2009

[eluser]xwero[/eluser]
It's a php error. You can't add an array as a value of a constant. So you have to work with
Code:
define('MY_GET',$_SERVER['QUERY_STRING']);
To get the key value(s) out from the string you can use this function
Code:
function get_pairs($key='')
{
   parse_str(MY_GET,$pairs);
   // all pairs
   if(empty($key))
   {
      return $pairs;
   }
   // some pairs
   if(is_array($key))
   {
      $keys = array_keys($pairs);
      $output = array();
      foreach($key as $k)
      {
         if(in_array($k,$keys))
         {
            $output[$k] = $pairs[$k];
         }
      }
      return $output
   }
   // a pair value
   if(isset($pairs[$key]))
   {
      return $pairs[$key];
   }
}
Another solution based on the same constant is to repopulate the GET global with the constant after the input class cleaned the globals. The pre_controller hook is best suited for this.


specific controllers allowing query strings - El Forum - 03-10-2009

[eluser]Yorkshire Pudding[/eluser]
Thanks for these solutions. I'll have to dust off the old php book and read up on this. I'm just a framework monkey really :cheese: but i'll have a bash at this last solution.


specific controllers allowing query strings - El Forum - 03-10-2009

[eluser]xwero[/eluser]
[quote author="pistolPete" date="1236701916"]In order to use an array constant you'd have to serialize it.[/quote]
serializing is another solution but i don't think it matters much if you do
Code:
parse_str(MY_GET,$pairs);
or
Code:
$pairs = unserialize(MY_GET);
in the function i wrote before.


specific controllers allowing query strings - El Forum - 03-10-2009

[eluser]Yorkshire Pudding[/eluser]
I'm going to use the first solution given(so i can get the site up), until I have time to understand and implement the second solution.

the crypt that protx sends back is

DycAHF1HGiA1WRU9VFFGAG1kOChhYTYREgsKbi8mNAEbBipVAnd9HVsORhssSUMAbwNDO3N2eWxFdzRqXiJASH8RGhlGQD1lOX1XCx0FBUAqBgsMU1wiZUYGQWhJXlFhMSdOOUdBJjcEXwI5HQ0eW3k1DwsSZjs7FVMCKw8RHRt/FhY5R0EmFhkLRWlQUkcGYWQvLmF2GGpLcjAMKEQ/eg1iLTB3dgUdMhAwPA0WFEYqEAsLR1k6ZTh5JQg7Kyd8HQcqXmJaPSw1WRU9OwECQDU2UzZ9YR4KOWA4HCwgV3YPcDwdQUAiLEt4Pgw5Nj5jEAYrPBRyJz4Cdxg8VFRXBh0RCxtHRysLAlcFLRpZP3oNASY9cX4LHFB3HDccCgUIaHFASAI=

which poses a few problems. Firstly it has '/' in it so it looks like additional url segment, and secondly it has '=' in it which is a disallowed character in config file.

Two questions really then.

1. Is it secure to allow '=' in the permitted_uri_chars.
2. Any ideas on how to overcome the '/' problem (urlencode() perhaps?)