safely encode and pass a string from a html link to PHP program
Posted
by bert
on Stack Overflow
See other posts from Stack Overflow
or by bert
Published on 2010-04-20T02:30:20Z
Indexed on
2010/04/20
2:33 UTC
Read the original article
Hit count: 325
What series of steps would be reqired to safely encode and pass a string from a html href using javascript to construct the link to a php program.
in javascript set up URL
// encodes a URI component.
path = "mypgm.php?from=" + encodeURIComponent(myvar) ;
in php:
// get passed variables
$myvar = isset($_GET['myvar']) ? ($_GET['myvar']) : '';
// decode - (make the string readable)
$myvar = (rawurldecode($myvar));
// converts characters to HTML entities (reduce risk of attack)
$myvar = htmlentities($myvar);
// maybe custom sanitize program as well?
// see [http://stackoverflow.com/questions/2668854/php-sanitizing-strings-to-make-them-url-and-filename-safe][1]
$myvar = sanitize($myvar);
© Stack Overflow or respective owner