+- CodeIgniter Forums (https://forum.codeigniter.com)
+-- Forum: Archived Discussions (https://forum.codeigniter.com/forumdisplay.php?fid=20)
+--- Forum: Archived Development & Programming (https://forum.codeigniter.com/forumdisplay.php?fid=23)
+--- Thread: Allowing all URI characters for certain controllers. (/showthread.php?tid=19565)
Pages:
1
2
Allowing all URI characters for certain controllers. - El Forum - 06-11-2009
[eluser]TheFuzzy0ne[/eluser]
I'm implementing a search function, which will allow users to search an index and have the results displayed. The problem is that some characters that are likely to be used in a search are not actually allowed in a CodeIgniter URI. I thought I'd share my solution in the hope it might help someone else, and to see if anyone has a better idea.
In my config.php file I have this code:
Code:
$pattern = '/forums/search';
if (substr($_SERVER['REQUEST_URI'], 0, strlen($pattern)) == $pattern)
{
$config['permitted_uri_chars'] = '';
}
else
{
$config['permitted_uri_chars'] = 'a-z 0-9~%.:_\-';
}
unset($pattern);This allows all characters through for users using the search. I plan on adding any restrictions to the search controller. Simple really.
I've never really understood the problem with allowing all URI characters, since all of my database queries are escaped. What am I missing?
Allowing all URI characters for certain controllers. - El Forum - 06-11-2009
[eluser]Dam1an[/eluser]
[quote author="TheFuzzy0ne" date="1244735991"]I've never really understood the problem with allowing all URI characters, since all of my database queries are escaped. What am I missing?[/quote]
All of your queries may be escaped, but that doesn't mean you can assume everyone elses are
Allowing all URI characters for certain controllers. - El Forum - 06-11-2009
[eluser]TheFuzzy0ne[/eluser]
Is this the only problem though?
Allowing all URI characters for certain controllers. - El Forum - 06-11-2009
[eluser]n0xie[/eluser]
I think most people implement a search function using POST, so the issue just never comes up...
Allowing all URI characters for certain controllers. - El Forum - 06-11-2009
[eluser]TheFuzzy0ne[/eluser]
I'd like to make my search bookmarkable, just like Google, but without query strings.
Allowing all URI characters for certain controllers. - El Forum - 06-11-2009
[eluser]Dam1an[/eluser]
[quote author="n0xie" date="1244737282"]I think most people implement a search function using POST, so the issue just never comes up...[/quote]
Really? I would have thought the one time not to use POST is with a search
Allowing all URI characters for certain controllers. - El Forum - 06-11-2009
[eluser]xwero[/eluser]
n0xie if you want to make it possible to bookmark the search it's best to add the user input to the url.
I guess TheFuzzy0ne wants the user input as a segment instead of having a query string. But a simpler check would be
Code:
$config['permitted_uri_chars'] = (strncasecmp($_SERVER['REQUEST_URI'],'/forums/search',14) == 0) ? '' : 'a-z 0-9~%.:_\-';Allowing all URI characters for certain controllers. - El Forum - 06-11-2009
[eluser]TheFuzzy0ne[/eluser]
Nicely done. Thanks, xwero!
Allowing all URI characters for certain controllers. - El Forum - 06-11-2009
[eluser]n0xie[/eluser]
[quote author="xwero" date="1244738568"]n0xie if you want to make it possible to bookmark the search it's best to add the user input to the url.
[/quote]
I guess we disagree on this subject then. Why would you bookmark the result of a search query, and not the page you were searching for? Wouldn't google penalize your site for having duplicate content since each search will be indexed, each similar search will return the same resultset, thus the same content, which means you will have different indexed pages (could go into the 100's depending how people use your search function) ALL linking to the same source? Keep in mind that, to google, /search/my+search+query, /search/my search query, /search/my_search_query, /search/my-search-query, /search/search+query+my, /search/query+my+search, /search/query+search+my etc. etc. are ALL different pages. All with EXACTLY the same content.
Quote:From the google pages:
Don't create multiple pages, subdomains, or domains with substantially duplicate content.
I'm all for SEO friendly URL's and resources, but searching your site seems like something SEO has no real benefit. Quite the contrary. Because you have several 'entry' points towards the page you want to display, you will get different pageranks depending on which entry point people use, which will work counterproductive for your SE rank. This is almost the same as the whole 'domainname with or without the www prefix'. The relevance to the subject you are linking to will be distributed amongst the different entry points (which all have a low rank individually) instead of being added to 1 entrypoint (which will give you a high rank).
But I could be wrong of course.
Allowing all URI characters for certain controllers. - El Forum - 06-11-2009
[eluser]TheFuzzy0ne[/eluser]
Why would each search be indexed? Search engines don't submit forms. The only searches that would be indexed, are any searches where the link appears within another page that's been indexed. With that said, I don't see why any searches should need to be indexed by any search engines, and that will be reflected in my meta data appropriately.