Welcome Guest, Not a member yet? Register   Sign In
How to stop form converting special chars??
#1

[eluser]umbungo[/eluser]
1. I have a form using 'get' which has some values which include characters such as ( ) ,
How can I keep these as ( ) , and not eg. % 2C (no space), in the URL when the form is submitted??

2. On a similar note, when I add items which have a name including eg ( ) to my cart using $this->cart->insert($array) this does not work. Can i make this work and keep brackets?
#2

[eluser]andyy[/eluser]
1. Try using htmlentities() and html_entity_decode():
php.net: htmlentities()
php.net: html_entity_decode()

2. Not too sure about the cart issue with brackets, it should insert no problem. Can you post the code you are working with please?
#3

[eluser]InsiteFX[/eluser]
This has been answered before on the forums here, you will need to search for it.

InsiteFX
#4

[eluser]umbungo[/eluser]
1. I don't see how i could use this. The text is in 'regular' form when it is submitted. eg....
Code:
&lt;form method="get" action="/somewhere"&gt;&lt;input type="checkbox" name="name" value="this,that"> <-submit->&lt;/form&gt;
Pressing submit sends me to example.com/somewhere/?name=this,that rather than example.com/somewhere/?name=this,that that I am trying to get.

2. The relevant code is just an array(id=>$id, name=>$name, 3=>$c) etc followed by $this->cart->insert($array). Where $name contains a bracket, the item isn't added to the cart. Otherwise they add fine.

PS: i did search so either i was using the wrong terms or the information wasn't what i needed.
#5

[eluser]WanWizard[/eluser]
By default, a name may only contain alpha-numeric, dashes, underscores, colons or periods. Similar rules exist for the id field.
You can alter them via $this->cart->product_id_rules and $this->cart->product_name_rules. Both should be a valid regex.

This should be documented, but isn't.

Next time you have this you might want to look at the code, this would have been obvious right away.
#6

[eluser]umbungo[/eluser]
Thanks WanWizard, #2 sorted. I have tended not to look at the code because I have tried to keep it at 'stock' settings as it were. I wouldn't have expected it to be quite so obvious (second line of code) either! And yes, it really should be documented, product names with slashes or brackets can't be that uncommon.

So can anyone help me out with #1?
#7

[eluser]umbungo[/eluser]
Regarding #1; failing any proper solution what i have done is to implement a redirect on the page which the 'get' sends to.
Code:
if(strpos($_SERVER['QUERY_STRING'], '%')!=false){
            $qs = preg_replace('/%([0-9A-F]{2})/', '&#x${1};', $_SERVER['QUERY_STRING']);
            redirect('/controller/?'.html_entity_decode($qs));
        }
This converts the % 28, % 29, % 2C (no spaces) etc to the proper HTML (HEX) entity form, and then decodes them from there. I still don't know why they come out in the form '% 1A' instead of '& #x1A;', nor do i know why the form insists on converting them this way, I guess it is just a limitation of a very old tech. Nothing i did to the string before submitting it as a form value prevented it being changed to .. If anyone does know how to stop it happening (ie, fix my problem) then please post as this way is unpreffered as it requires a redirect.
#8

[eluser]WanWizard[/eluser]
As to your #2:

Your using a get, so any fields in the form will be part of the query string when you submit the form. So make sure the values posted are valid for use in a URI. This has been mentioned in the first reply. If not possible, use a post form, and if you insist on a query string, process the post, craft a correct URI including the query string, and redirect to it.




Theme © iAndrew 2016 - Forum software by © MyBB