rewrite unescapes chars, and {escape} fails

Oh, the strange things mod_rewrite does!

rewrite unescapes chars, and {escape} fails

Postby BMN » Wed Jul 05, 2006 2:20 am

Hi. Nobody in alt.apache.configuration on usenet could help, I hope you can :)

I hate apache for doing that. When I do a rewrite rule, the chars in the url are unescaped in the rule. Then the data is unescaped again.

(note: for readability, I use the "code" tag because I use spaces as "layout")
Code: Select all
Exemple :
RewriteRule ^(.*)$ index.php?all=$1

Someone wants the url  /aa1     I get $all=='aa1'   and know what to do.
Someone wants the url  /a%20b   I get $all=='a b'   and know what to do.
Someone wants the url  /a%25b   I get $all=='a%b'   and know what to do.

Someone wants the url  /a%2520b   I get $all=='a b'   and I'm fucked. I wanted 'a%20b'
(   /a%2520b   is rewrited   index.php?all=a%20b   and then    $all='a b'   )

So I found in the archives the solution for this, being :

RewriteRule ^(.*)$ index.php?all={escape:$1|$1}

For the url /a%2520b   I know have ideed $all=='a%20b'


But a new case happened. The culprit is   /a%26b
This means 'a&b'
Except for whatever the reason is, & in not re-escaped.
So php got a fun answer: ?all=a&b  means for him $all='a' and $b=''

A clear exemple is when I print_r() $_SERVER, and try with /a%26b%20c

    [REDIRECT_QUERY_STRING] => all=a&b%20c
    [REDIRECT_URL] => /a&b c
    [QUERY_STRING] => all=a&b%20c
    [REQUEST_URI] => /a%26b%20c

It's clear that the 2 chars are not treated the same way...

Does anyone got a solution ?
BMN
 
Posts: 39
Joined: Wed Jul 05, 2006 2:15 am

Postby richardk » Wed Jul 05, 2006 5:06 am

REQUEST_URI has the right value, just not decoded, right?

At the top of your PHP:
Code: Select all
$_GET['all'] = urldecode(substr(getenv('REQUEST_URI'),1));
richardk
 
Posts: 8800
Joined: Wed Dec 21, 2005 7:50 am

Postby BMN » Wed Jul 05, 2006 6:06 am

richardk wrote:REQUEST_URI has the right value, just not decoded, right?

Of course !
I've been trying so much with a "good" way I never thought about searching a solution in php itself...

This is a very good workaround !
At least now it works. Thanks a lot.
BMN
 
Posts: 39
Joined: Wed Jul 05, 2006 2:15 am


Return to Idiosyncrasies

Who is online

Users browsing this forum: No registered users and 1 guest

cron