When passing variables in a link to a PHP file, how do I account for spaces in the link?

It still isn’t working. :frowning: I tried several different things. I dunno, I think I’m gonna leave well enough alone…

Well, once you use that last line I posted, you just debug it by using DIE($message); after that line.
Run the test page and see what is inside of $messge so you can see where the error is.

Perhaps you need to show more of your code. It is hard to one one line at a time to understand where it is failing you. I could just dummy something up, but, doubt it would match your code…

This is a simple process, but, I don’t have all the info from you. You mention $email, $user and $rawurl and $link and $who2 and $url, etc… All you need is:

$url = "https://xxxxx.net/index.php?email2='$email'&user='$user'";

But, this depends on what you do with the $url variable to send it in the email. If you just echo it, okay, it will display. If it is inserted, it must be concatenated, not inserted…

Off to bed, will check in on you in the AM…

1 Like

OP, what is the real problem you are trying to solve by putting this data in GET? Is Frank Bob a first AND last name?

Basically, an existing site member goes to my first PHP page and enters a name ($who2) and an e-mail ($link). When they press submit, an e-mail is dispatched via mail() to the submitted address, and in this e-mail is a link to the second PHP page and I pass the two variables via the link. This works, but if there is a space in the $who2 variable (Frank Bob for example), only “Frank” gets passed. This is the core issue, and I just can’t seem to get it working…

Agreed. I need fresh eyes. :smiley:

Well, my last post creates the url for you. But, you need to concatenate it to the message before sending.
Night for now!

1 Like

I think I’ll mod my script and pass just the e-mail which works great, then make the invited user fill out the form saying who referred them. It would be more secure and makes sure people aren’t messing around with the names. :slight_smile:

I think you are making this too complicated.

If you have two scripts called one.php and two.php you probably have one.php calling two.php with a url that contains the parms that you are passing.
With this assumption,
one.php contains
$my_url= str_replace(" “,”??",“https://xxxx.net/core/[email protected]&user=Frank Bob”);

two.php contains
$my_parms= str_replace("??"," ",$_SERVER[‘QUERY_STRING’];

Then let two.php deal with the $my_parms variable in the same way that you have been handling it.

1 Like

Also, I normally do not pass data using the GET functions. That can be hacked with ease.
I usually pass them using the SESSION variables which are less easy to be hacked. Also, when using them, you can pass full strings and not worry about quotes or spaces. Just pass the string.
Sorry if this just adds more to your thoughts about this…

1 Like

I see what you are saying. Someone could easily change the passed variables?

@calgeorge Thanks!

zoldos,
It is true that passing variables on the tail of a URL is not secure. From your original post, I assumed that you were doing it that way and felt that the application didn’t require much security. If you were passing the variables as a SESSION[] variable, the blanks wouldn’t have been an issue.

If you don’t have control over the calling module (one.php in my example), the called module (two.php) could simply translate the QUERY_STRING in a similar manner. If the URL tail contains blanks, they are generally translated to %20 (the hex representation for an ASCII blank). So you could simply use:
$my_parms= str_replace("%20"," ",$_SERVER[‘QUERY_STRING’];

If this application is dealing with data that must be protected, it would make sense to put it in a session variable so:
one.php contains
$_SESSION[‘my_parm’]=“https://xxxx.net/core/[email protected]&user=Frank Bob”;

two.php contains
$my_parm=$_SESSION[‘my_parm’];

1 Like

I don’t know if sessions would work as one.php sends an e-mail to the user who then, later, clicks a link in that e-mail which then goes to two.php

In any case, I gave up the project. Maybe I’ll look at it again some other day.

Thanks!!

Zoldos, I do verification emails all the time. Like if you change your password on my football pool, it sends a verification to you to ask if it was really you who changed the password. The owner clicks the link in the email and it sends the results back to a secret page that does the actually change of the password.
This is not done with sessions as they only work if you are still on the site. Emails drop out of the site.
But, that can be done. Sorry you are putting it aside. It can be done… But, cya in the next post…

1 Like

I saved all the source, so may take another look down the road. I’ve just launched a co-owned forum so I’m busy ATM! hehe Thanks! :smiley:

This is an XY Problem. You are still describing HOW you are trying to accomplish something. I want to know WHAT you are trying to accomplish. What is the overall summary of this project?

Why are you sending the data in the URL to begin with?

My suggestion to this, could actually be two different ways really.

encode the entire string then parse them on receipt.

It’s a custom coded invite system I wrote for one of my sites. First, an existing member refers someone via e-mail on the first php page. This sends an e-mail to the invitee, providing a link. They click the link and this then goes to the second php page passing their e-mail via the link. On the second page, it asks them to provide certain site info, automatically filling in the e-mail that was passed. Then when complete, I get a message and then setup the account. :slight_smile:

@astonecipher This should answer your question as well as to why I’m passing data via URL.

And I would still encode the string. How you do that is up to you, but the link should be directing with something not as specific.

example.com/link=eyJuYW1lIjogIkpvaG4gU21pdGgiDQosImVtYWlsIjogImpvaG5zbWl0aEBnbWFpbC5jb20ifQ==

Then on the receiving side,

print_r(json_decode(base64_decode($_GET['link'])));

should produce something like this:

stdClass Object
(
[name] => John Smith
[email] => [email protected]
)

1 Like

Looks cool. If I ever work on it again, I’ll look more into this! Thanks! :smiley:

Okay, I’m taking another look at this. I want to pass a submitted e-mail, and a submitted username via a link, then when the invitee clicks the link, the passed values are inserted on the second php page. Can you help? :smiley:

Sponsor our Newsletter | Privacy Policy | Terms of Service