Results 1 to 4 of 4

Thread: [RESOLVED] VERY simple question on $_GET!

  1. #1

    Thread Starter
    Member
    Join Date
    Mar 2008
    Posts
    48

    Resolved [RESOLVED] VERY simple question on $_GET!

    Hello, I have some code that converts a given password and salt to an md5 hash, as part of a login system of a bigger project that I have been working on.


    This is the problem. The password salts are randomly generated, and sometimes they contain special characters. notably the forward slash.

    this is my php code:

    Code:
    <?php
    $password = $_GET['p'];
    $salt = $_GET['s'];
     $finished = "no value inputted";
     
      $password = md5($password);
      $finished = md5($password.$salt);
    
                    print($finished);	
    
        ?>

    It works perfectly, so I just visit


    www.website.com/md5.php?p=password123&s=d4d


    BUT if the salt includes a forward slash or an ampersand etc, it obviously ends up making the url look like this:

    www.website.com/md5.php?p=password123&s=d/d

    www.website.com/md5.php?p=password123&s=d&d


    which oibviously messes it all up.


    how can I make it so that the php script accepts special characters such as the forward slash without the browser automatically thinking it's a new folder?


    I want to be able to input the password salt even with special characters.

    I dunno if you can put it in '' quotes or not? hmm

    a little help would be appreciated please!

  2. #2
    PowerPoster techgnome's Avatar
    Join Date
    May 2002
    Posts
    34,687

    Re: VERY simple question on $_GET!

    the string needs to be run through urlencode before being sent out. That will make any special characters url friendly. Then, on the receiving end, use urldecode to convert the url value back to its original values.

    -tg
    * I don't respond to private (PM) requests for help. It's not conducive to the general learning of others.*
    * I also don't respond to friend requests. Save a few bits and don't bother. I'll just end up rejecting anyways.*
    * How to get EFFECTIVE help: The Hitchhiker's Guide to Getting Help at VBF - Removing eels from your hovercraft *
    * How to Use Parameters * Create Disconnected ADO Recordset Clones * Set your VB6 ActiveX Compatibility * Get rid of those pesky VB Line Numbers * I swear I saved my data, where'd it run off to??? *

  3. #3

    Thread Starter
    Member
    Join Date
    Mar 2008
    Posts
    48

    Re: VERY simple question on $_GET!

    cool.... and how do I do that?

    I need to do a urlencode in vb.net and the urldecode obviously in the php script

  4. #4

    Thread Starter
    Member
    Join Date
    Mar 2008
    Posts
    48

    Re: VERY simple question on $_GET!

    ok, I got it sorted. for anyone else who has had this problem this is what you do:



    on a vb.net windows form application that will be submitting the string:

    dim str as string = "password123^&+ddpoo" ' password with special chars
    dim strencoded as string
    strencoded = System.Web.HttpUtility.UrlEncode(str)


    strencoded will then be a url-friendly version of str. replacing the ampersand etc with the uri equivelents.


    as for the php, if you are submitting it as an argument to the php file, the $_GET will automatically decode it.. so no need to add any urldecode stuff to the php script, as $_GET automatically decodes it if needed.


    Thanks for the help techgnome

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •  



Click Here to Expand Forum to Full Width