Welcome Guest, Not a member yet? Register   Sign In
CodeIgniter Forums Archived Discussions Archived Development & Programming Disallowed characters in URL and search
Disallowed characters in URL and search
  • El Forum
    Guest
  •  
#4
07-26-2010, 04:52 AM

[eluser]Buso[/eluser]
[quote author="victorche" date="1280150607"][quote author="Buso" date="1280146169"]http://ellislab.com/forums/viewthread/160377/

If you need to whitelist more characters you can do that in config.php.

It is about security as you said, but you can change almost anything in CI.[/quote]

Thanks, Buso ... This helped a little. I have 2 different questions. The first one:
As I am a newbie in programming, the solution you are giving there seems elegant, but can you give me a hint (short example) what should i do next in MY_Router? I mean this part of your answer "Then you let the Router class handle that as a 404". Can you please give some more info about it?
The second question is more about the logic. If you want to search for "iphone" and by mistake you type "iphone>", do you think it is normal to lead to 404?
Because the user who asks in the other topic has another problem. Not like mine. He needs after submitting a disallowed character - 404 page. I don't think this is good for my case. I can't even think of a website, which has a search function and this search leads to 404 in any case Sad
Maybe i will prefer just to search for everything, or ... if it is not possible, just to have an error message, informing for the not allowed characters (but not the default CI one).

Sounds too complicated, i know. But as i said, i don't think there is a site, which gives 404 or "disallowed characters" as a result for search Sad[/quote]
You need to validate the user input before using it in your application (you can use codeigniter's form validation)
Then if a user writes iphone>, you just tell him which characters are allowed with a nice error message, and let him try again.
If you still want your users to be able to use iphone> as a search input, you can remove strange chars before using it in a URI, or add '>' to the allowed chars list. Or don't use it in a URI and send it via post.

About MY_URI, once you installed it, wrong URIs will automatically show the 404 error message (which is handled by the router class and the exceptions class). But you still need to have a MY_Router and MY_Exceptions class (I think) if you want the 404 message to be customized. Otherwise the CI's default 404 message will be shown (which works fine for SEO, but maybe not for users)


Messages In This Thread
Disallowed characters in URL and search - by El Forum - 07-26-2010, 12:50 AM
Disallowed characters in URL and search - by El Forum - 07-26-2010, 01:09 AM
Disallowed characters in URL and search - by El Forum - 07-26-2010, 02:23 AM
Disallowed characters in URL and search - by El Forum - 07-26-2010, 04:52 AM
Disallowed characters in URL and search - by El Forum - 07-26-2010, 06:11 AM
Disallowed characters in URL and search - by El Forum - 07-26-2010, 04:23 PM
Disallowed characters in URL and search - by El Forum - 07-26-2010, 05:33 PM
Disallowed characters in URL and search - by El Forum - 08-08-2010, 01:33 AM



Theme © iAndrew 2016 - Forum software by © MyBB