发表新帖
发表新帖

PHP - Plus sign with GET query

后端 未结
关注
6 1430
余生分开走
余生分开走 2020-11-27 20:49

I have a PHP script that does basic encryption of a string through the method below:
相关标签:
6条回答
  • 醉梦人生
    2020-11-27 21:08

    If you'll read the entirety of that bug report you'll see a reference to RFC 2396. Which states that + is reserved. PHP is correct in translating an unencoded + sign to a space.

    You could use urlencode() the ciphertext when returning it to the user. Thus, when the user submits the ciphertext for decryption, you can urldecode() it. PHP will do this automatically for you if it comes in via the GET string as well.

    Bottom line: The + must be submitted to PHP as the encoded value: %2B

    0 讨论(0)
  • 自闭症患者
    2020-11-27 21:16

    We ran into the same problem trying to pass a URL to a PHP script with a string variable containing the "+" symbol. We were able to make it work with;

    encodeURIComponent([string])

    EG:

    var modelString = "SEACAT+PROFILER";
modelString = encodeURIComponent(modelString);
//"SEACAT%2BPROFILER"

    The %2B passes the correct value to the PHP GET as @hobodave said, and we get back the right data set.

    Hope this helps someone else who ran into something like this, and needed a slightly different take on the examples above.

    0 讨论(0)
  • 闹比i
    2020-11-27 21:18

    In my case the problem was that $_GET parameters were not decoding correctly when being used for a MYSQL query. So if you just need to pass the $_GET content to a mysql query then simply encode it (no need to decode anything) like this:

    <a href='processor.php?name=".urlencode($str)."'>".$str."</a></td>
    0 讨论(0)
  • 伪装坚强ぢ
    2020-11-27 21:21

    I realize that this is an old question, but I was looking for a solution to a similar problem with + signs in a GET string. I stumble upon this page and thought I would share the solution I came up with.

    <?php
$key = 'secretkey';
$string = $_GET['str'];

if ($_GET['method'] == "decrypt")
{
    $string = urlencode($string);
    $string = str_replace("+", "%2B",$string);
    $string = urldecode($string);
    $output = rtrim(mcrypt_decrypt(MCRYPT_RIJNDAEL_256, md5($key), base64_decode($string), MCRYPT_MODE_CBC, md5(md5($key))), "\0");
}

if ($_GET['method'] == "encrypt")
{
    $output= base64_encode(mcrypt_encrypt(MCRYPT_RIJNDAEL_256, md5($key), $string, MCRYPT_MODE_CBC, md5(md5($key))));
}

echo $output;
?>
    0 讨论(0)
  • 闹比i
    2020-11-27 21:26

    none of the above answers worked for me, I fixed the "+" sign problem using 

    rawurldecode()

    and

     rawurlencode()
    0 讨论(0)
  • 孤独总比滥情好
    2020-11-27 21:29

    You should be using urlencode() before putting the encrypted string on the query string, which will "escape" any special characters (including +) and then call urldecode() before decrypting it, to revert them back to their original form.

    0 讨论(0)
 看不清?
提交回复
热议问题