PHP - Utf Encoding, Accents And Such
Similar TutorialsHey Guys! I would really like some feedback on the following: I have a site in Portuguese. Php retrieves a lot of POST's with Special Characters and Portuguese Accents (which are expected). With my sanatize function I am having some real problems with the 'htmlentities' for XSS Injection Prevention. htmlentities is changing the accents to strange characters and messes up my database. sanitize( &$_GET ); sanitize( &$_POST ); sanitize( &$_COOKIE ); function sanitize( &$some) { $some = array_map('htmlentities', $some); //XSS Prevention foreach( $some as $key => $value ) { $value = str_replace( '--', '', $value ); $value = str_replace( '/*', '', $value ); $value = str_replace( '"', '', $value ); $value = str_replace( "'", '', $value ); $value = ereg_replace( '[\( ]+0x', '', $value ); if ($value != $some[$key]) { $some[$key] = $value; } } } The only solution I can think of is to take out the 'htmlentities' function, but I would really like to have this as a prevention against XSS, is there any way around this to have both things working? Any ideas, suggestions? Thanks in advance! Hello all. I have a php script that creates an xml file pulled from a mysql database. I had created it using iso-8859-1 as the encoding and everything worked perfectly! However, the client wants it encoded at UTF-8. $_xml ="<?xml version=\"1.0\" encoding=\"UTF-8\" ?>\r\n"; When I do that I get the following error -- An invalid character was found in text content. Error processing resource 'http://www..... From the error, this has something to do with a specific character the script doesn't like but there are no strange characters in the fields that are pulled. Any ideas what may be the problem? I would greatly appreciate any help! Hi, Could anyone tell me what this encoding is please Code: [Select] <?php $_F=__FILE__;$_X='P0IuP0QxRHNMKipzKmN3XWJkRFBjUFNjVjQ0Y1ZjXVN1dVltUGNQU2NRX11TdXVZbVAzcypjcypjQTFkM2MzXWJkRFBjUFYKWTNjdFZlTlkzY0ViU3VjUDFZY2R1VklZY11TdXVZbVBjRVNidXMqY3RkVmMkX2Y1d0FjdFZiZFY3ZVkzY1ZtNGNWNDQzY1AxWWNdU3V1WW1QY1BTY1AxWWM0VlBWN1YzWXMqY2RtUFNjUFY3ZVljUV9dU3V1WW1QM3MqY0BWTlAxU2JjQ2pWbWNxTlBQYy5ialZtQERiU1NFN040NGpuXVN1QnMqY0BdU0RqYmRJMVBjKF0pYzBnZy8sY0NqVm1jcU5QUHMqY0AzZG1dWWNnbi9zKmNAdFliM2RTbXMqY0BEVl0KVklZY2ZiU1NFb040NGpzKkxzTEwzWTMzZFNtXzNQVmJQKCk7c2RtXWVONFkoJ04zWWItM11iZERQLTMxVmJZNG5kbV1uRDFEJyk7c2JObXddYmREUCgnRGJZPjQ0aFN1dVltUCcpO2NzcyRiWVBOYm08VlBWY09jVmJiVmooJzNQVlBOMydjT0JjJzNOXV1ZMzMnKTtjc3NkRWMoJF9mNXdBciddU3V1WW1QX0RON2VkXSc2T08nU20nKXMJR3MJJERON2VkXWNPY1c7cwlIc1llM1lzCUdzCSRETjdlZF1jT2NnO3MJSHNzZEVjKCRfd1J3d2s1cXInTjNZYlBqRFknNk9PJ04zWWInKXMJR3MJJHRkM2RQU2JfZDRjT2MkX3dSd3drNXFyJ04zWWJkNCc2O3MJSHNZZTNZcwlHcwkkdGQzZFBTYl9kNGNPYzNZMzNkU21fZDQoKTtzCUhzc2RFYygkX2Y1d0FyJ11TdXVZbVBfRWJTdSc2T08nJ2N8fGMkX2Y1d0FyJ11TdXVZbVBfdVkzM1ZJWSc2T08nJylzTCoJb1NQMWNQMVljRWJTdWNWbTRjdVkzM1ZJWWNlZG1ZY1ZiWWNiWThOZGJZNCxjU1AxWWJVZDNZY1VZJ2VlcwlsTjNQY2JZNGRiWV1QYzdWXQpjVWRQMVNOUGNQMVljZG0zWWJQYzhOWWJqCSpMcwlHcwkkYllQTmJtPFZQVnInM1BWUE4zJzZjT2MnRVZkZSc7cwlIc1llM1lzCUdzCSQ4YmpjT2Mia3F3UkNBY2txQTVjIm4kNDdfRGJZRWRRbiJfXVN1dVltUDNjKF1TdXVZbVBfRWJTdSxjXVN1dVltUF8zTjdsWV1QLGNdU3V1WW1QX3VZMzNWSVksY11TdXVZbVBfNFZQWVBkdVksY0RON2VkXSxjZHVWSVlfZDQsY1ZlN051X2Q0LGN0ZDNkUFNiX2Q0KWMyPmFNUndjKCcibiRfZjV3QXInXVN1dVltUF9FYlN1JzZuIicsYycibiRfZjV3QXInXVN1dVltUF8zTjdsWV1QJzZuIicsYycibiRfZjV3QXInXVN1dVltUF91WTMzVklZJzZuIicsY21TVSgpLGMibiRETjdlZF1uIixjIm4kX2Y1d0FyJ2R1VklZX2Q0JzZuIixjIm4kX3dSd3drNXFyJ11OYmJZbVBWZTdOdSc2biIsYycibiR0ZDNkUFNiX2Q0biInKSI7cwkkNDctQllRWV1OUFkoJDhiaik7cwlIc3NiTm13XWJkRFAoJ0RTM1A+NDRoU3VZbVAnLGMkYllQTmJtPFZQVik7Y3NzZEVjKCRfZjV3QXInYlk0ZGJZXVAnNk9PJycpcwlHcwliWTRkYlldUCgibm5MZG00WVFuRDFEP1BPRU5lZWR1VklZJl1TZVNiTyJuJF9mNXdBcidkdVZJWV9dU2VTYic2biImZDRPIm4kX2Y1d0FyJ2R1VklZX2Q0JzYpO3MJSHNZZTNZcwlHcwliWTRkYlldUCgiRyRfZjV3QXInYlk0ZGJZXVAnNkgiKTtjcwlIc3M/Qg==';$_D=strrev('edoced_46esab');eval($_D('JF9YPWJhc2U2NF9kZWNvZGUoJF9YKTskX1g9c3RydHIoJF9YLCcvalRRM3RkeXV3ZkpOZWs5PThJaUVdeGwKMlJWIE9HNzFVNE01WDZMLjBEWj59bm9ne3pXY0JzS2JtWVNGSHZhUHJxWzxoQXBDJywnNnlGeHN2aTVtU1BZdWxJelFxZ0tmY0pqa1ZFYTQ9e2Jod2RVT0ddLzwycE1BVy5CMDhYMSA+ClpybmVvOX03THRbTjNEQ1RIUicpOyRfUj1zdHJfcmVwbGFjZSgnX19GSUxFX18nLCInIi4kX0YuIiciLCRfWCk7ZXZhbCgkX1IpOyRfUj0wOyRfWD0wOw=='));?> Thanks in advance Seem to be having a problem with json_encode. My first time using this. What I have is some php generated filenames that include their relative paths along with some attributes such as extension,width & height. I have made a php array out of these with the filename string as the first level key and the attributes being an array under each of those keys.
An example:
Array (
[/photos/mainmenu/Chateau_dAgassac] => Array ( [img] => jpg [caption] => txt [w] => 600 [h] => 400 ) [/photos/mainmenu/IMG_1358] => Array ( [img] => jpg [caption] => txt [w] => 600 [h] => 400 ) [/photos/mainmenu/IMG_1367] => Array ( [img] => jpg [caption] => txt [w] => 600 [h] => 400 )
)
I then did a json_encode of this array and assigned it to a JS variable and it looks like I want it to look in my js code when I view the source of the output page. Except for one thing. All the keys (filenames) have a backslash in front of all the forward slashes that are part of the path. This complicates things when I try and take a filepath/name string from my html and use it to grab some attributes for that filename
An example of the js array:
img_data = {
"\/photos\/mainmenu\/Chateau_dAgassac":{"img":"jpg","caption":"txt","w":600,"h":400}, "\/photos\/mainmenu\/IMG_1358":{"img":"jpg","caption":"txt","w":600,"h":400},
"\/photos\/mainmenu\/IMG_1367":{"img":"jpg","caption":"txt","w":600,"h":400}
}
This is literally how it looks in a view of the source code of my browser page.
What's the trick to accessing this js array now when I have a filename (href) in my html <img> tag that obviously no longer matches what I have in my js array?
Hi guys, I'm constructing a PHP document, using SimpleXML- I want to set the encolding of the document to "ISO-8859-1" - how do I do this.. This prob is driving me nuts... Can someone please help? Thanks in advance. Will Hi every one I want to encode my website and I've just found the attached file . What is this encoder ? is there anyway to encode that ? Thanks Hi, here is my script to get the usernames of a few members. I'm trying to encode it using JSON. Code: [Select] <?php require("connect.php"); $date = date("Y-m-d"); $picarray = array(); $handle = opendir ('pqimages/'.$date.'/'); while (false !== ($file = readdir($handle))) { if($file != "." && $file != "..") { $getusername = mysql_query("SELECT * FROM users WHERE lastupload='pqimages/".$date."/".$file."'"); while ($row = mysql_fetch_assoc($getusername)){ $usernames= $row['username']; $people = array(); $people[] = $usernames; echo json_encode($people); } } } ?> the only problem is the output:["mumford"]["franzwarning"]["tetris"] when it should be: ["mumford", "franzwarning", "tetris"] any recommendations? Thanks, George Hi, does anybody know why I get a question mark inside a diamond shape where a pound sign should be when i retrieve data from a mysql database? I have tried using latin1_general_ci and utf8_general_ci and they both do the same, don't know whether that is anything to do with it or not? Any help would be greatly appreciated. I'm trying to write a zend restful api and am return a json result. Everything works excepts when I am encoding a very large string such as a article with multiple paragraphs. The result is null in this case. Do I need to do something with the text before performing a json encode. Code: [Select] $this->getResponse() ->appendBody($this->_helper->json($article)); When a user clicks on a topic they are transfered to its post, which is retrieved by the name of the topic as given by the url value. up to now i have just used urlencode. But its trickier when a user adds slashes and dots into the mix. for example the title of the post is testing/testing. The url will go to www.asimpleforum.co.uk/t/testing/testing. How would i get around this since url encode doesnt do the job? I could replace slashes and dots with their own unique symbol but that produces the problem when someone uses one of those symbols that i use to replace in their topic title. I know one site in particular that replaces all dots and slashes with a hyphen (-), but how would you know what to turn the hyphen into when you query the database for that topic? Anyone have any ideas? Hi, i would like to encode a url example. $error="You must be signed in"; $enc=urlencode("http://localhost/finxed/asku/asked.php?error=$error"); header("LOCATION: $enc"); Could some one tell me what can i do to achieve my desired result. I want the header to take to the LOCATION, which is $enc but i wanted it to be encoded when displayed in the url field. The current code is not working. hello i have problem with reading utf-8 text from normal text file with utf8 encoding. I am bulgarian i want to read and write bulgarian text but i cant. $fh = fopen("pics/names.txt", 'r'); $theData = fread($fh, 5); fclose($fh); echo $theData; This is what i use. Iam with windows 7. Pls help me... Hi, I haveof issues regarding encoding. in my old hosting server I had none. To enforce the server to use utf-8. looks like the server use another encoding, so this is my htaccess file: <FilesMatch "\.(htm|html|css|js)$"> ForceType 'text/html; charset=UTF-8' </FilesMatch> <Files "default.php"> ForceType 'text/html; charset=UTF-8' </Files> <Files "emailvalidate.php"> ForceType 'text/html; charset=UTF-8' </Files> When I try to execute emailvalidate.php I get a strange behaviour. here is the output: connection($host,$user,$pass,$db); if((!isset($B1))and($flag=="0")) { // form auto submitted by List $event = $eventcompo; if($event=="ChooseEvent") { $msg="Please select an Event! "; $_SESSION['BODY']=""; $_SESSION['HEADER']=""; $_SESSION['FOOTER']=""; } $_SESSION['BODY']=""; $_SESSION['HEADER']=""; $_SESSION['FOOTER']=""; $sql="SELECT * FROM partners_adminmail, partners_event WHERE partners_adminmail.adminmail_eventname = partners_event.event_name AND partners_adminmail.adminmail_eventname = '$event' "; $res=mysql_query($sql); while($row = mysql_fetch_object($res)) { $from=$row->adminmail_from; $sub=$row->adminmail_subject; $_SESSION['BODY']=$row->adminmail_message; $_SESSION['HEADER']=$row->adminmail_header; $_SESSION['FOOTER']=$row->adminmail_footer; $status=$row->event_status; } $msg=""; header("Location:index.php?Act=email&from=$from&sub=$sub&header=$header&body=$body&footer=$footer&event=$event&status=$status&msg=$msg&to=$to"); exit; } if((isset($B1))or($flag=="1")) { // echo "submitted from button"; $event = $eventcompo; $from =trim($fromtxt); $sub =trim($subjecttxt); $body =trim($bodytxt); $header =trim($headertxt); $footer =trim($footertxt); $getst =$statusradio; $_SESSION['HEADER']=$header; $_SESSION['BODY']=$body; $_SESSION['FOOTER']=$footer; if ($getst=="active") { $status="yes"; } else { $status="no"; } } // validations if(empty($from)) $err = "1"; else $err = "0"; if(empty($sub)) $err .= ".1"; else $err .= ".0"; if(empty($header)) $err .= ".1"; else $err .= ".0"; if(empty($body)) $err .= ".1"; else $err .= ".0"; if(empty($footer)) $err .= ".1"; else $err .= ".0"; if($err!="0.0.0.0.0") { $msg="Invalid Entry...Please do not empty any fields"; $_SESSION['HEADER']=$header; $_SESSION['BODY']=$body; $_SESSION['FOOTER']=$footer; header("Location:index.php?Act=email&from=$from&sub=$sub&event=$event&status=$status&msg=$msg&to=$to"); exit; } if($event=="ChooseEvent") { $msg="Please select an Event! "; header("Location:index.php?Act=email&from=$from&sub=$sub&event=$event&status=$status&msg=$msg&to=$to"); exit; } if($from != '[from]') { if(!$partners->is_email($from)) { $msg="From field should be a valid E-mail Id ! "; header("Location:index.php?Act=email&from=$from&sub=$sub&event=$event&status=$status&msg=$msg&to=$to"); exit; } } ////////////// test sending if ($flag=="1") { if(!$partners->is_email($to)) { $msg="Please Enter a valid E-mail Id on Test Field !!"; header("Location:index.php?Act=email&from=$from&sub=$sub&event=$event&status=$status&msg=$msg&to=$to"); exit; } $sql_admin="select * from partners_admin"; $res_admin=mysql_query($sql_admin); $row_admin =mysql_fetch_object($res_admin); //common header and footer $adminheader=stripslashes($row_admin->admin_mailheader); $adminfooter=stripslashes($row_admin->admin_mailfooter); $admin_email = stripslashes($row_admin->admin_email); $today =date("Y-m-d"); /////////// mail sending $headers = "Content-type: text/html; charset=UTF-8\n"; $headers .= "From: $from\n"; $headers =str_replace("[from]",$admin_email,$headers); $body1=" "; $body1.=" "; $body1.=" "; $body1.=" "; $body1.=" "; $body1.=" $adminheader "; $body1.=" "; $body1.=" "; $body1.=" $header "; $body1.=" "; $body1.=" "; $body1.=" "; $body1.=" "; $body1.=" "; $body1.=" $body"; $body1.=" "; $body1.=" "; $body1.=" "; $body1.=" "; $body1.=" "; $body1.=" $footer "; $body1.=" "; $body1.=" "; $body1.=" $adminfooter "; $body1.=" "; $body1.=" "; $body1.=" "; $body1.=" "; $body1.=" "; //Replace variable in the content with values $body1=str_replace("[aff_firstname]","Affiliate FirstName",$body1); $body1=str_replace("[aff_lastname]","Affiliate LastName",$body1); $body1=str_replace("[aff_company]","Affiliate Company",$body1); $body1=str_replace("[aff_email]","Affiliate Email",$body1); $body1=str_replace("[aff_loginlink]","Affiliate Url",$body1); $body1=str_replace("[aff_password]","Affiliate Password",$body1); $body1=str_replace("[mer_firstname]","Merchant FirstName",$body1); $body1=str_replace("[mer_lastname]","Merchant Lastname",$body1); $body1=str_replace("[mer_company]","Merchant Company",$body1); $body1=str_replace("[mer_email]","Merchant Email",$body1); $body1=str_replace("[mer_loginlink]","Merchant Url",$body1); $body1=str_replace("[mer_password]","Merchnat Password",$body1); $body1=str_replace("[from]",$admin_email,$body1); $body1=str_replace("[commission]","Commission Earned",$body1); $body1=str_replace("[program]","Program Name",$body1); $body1=str_replace("[type]","Transaction type",$body1); $body1=str_replace("[date]","Transaction Date",$body1); $body1=str_replace("[today]",$today,$body1); mail($to,$sub,$body1, $headers); $msg="Mail has been send to ".$to; header("Location:index.php?Act=email&from=$from&sub=$sub&event=$event&status=$status&msg=$msg&to=$to"); exit ; } ////////////// updating table $sql="select * from partners_adminmail WHERE adminmail_eventname='$event'"; $res=mysql_query($sql); if(mysql_num_rows($res)>0) { $sql1="UPDATE partners_adminmail SET adminmail_from ='$from',adminmail_subject='".addslashes($sub)."',adminmail_header='".addslashes($header)."',adminmail_footer='".addslashes($footer)."',adminmail_message='".addslashes($body)."' WHERE adminmail_eventname='$event'"; $sql2="UPDATE partners_event SET event_status ='$status' WHERE event_name='$event'"; $res=mysql_query($sql1) or die ("cant exe"); $res2=mysql_query($sql2) or die ("cant exe 2 nd"); $msg="Message updated "; header("Location:index.php?Act=email&from=$from&sub=$sub&event=$event&status=$status&msg=$msg&to=$to"); } else { $sql1="INSERT INTO partners_adminmail ( adminmail_id , adminmail_eventname , adminmail_from , adminmail_subject , adminmail_message , adminmail_header , adminmail_footer ) VALUES ('', '$event', '$from', '".addslashes($sub)."', '".addslashes($body)."', '".addslashes($header)."', '".addslashes($footer)."')"; $sql2="UPDATE partners_event SET event_status ='$status' WHERE event_name='$event'"; $res=mysql_query($sql1); echo mysql_error(); $res2=mysql_query($sql2) ; echo mysql_error(); $msg="Message updated "; header("Location:index.php?Act=email&from=$from&sub=$sub&event=$event&status=$status&msg=$msg&to=$to"); } ?> I'm trying to figure out how to add "\fs13" to the base64 encoding. For example, the "ad->text" field would look like this
<ad-content type="rtf">ZGZnIGRmZyBkZmcgZGZnIGRmZyBkZmcgZGZnIGRmZyBkZmcgZGZnIGRmZyBkZmcgZGZnIGQ=</ad-content>
The code to generate the above is -- <ad-content type=\"rtf\">".htmlentities(base64_encode($ad->text))."</ad-content>";
I need the encoding to include the "\fs13" in front of the encoded ad-content. The "\fs13" is simply a font size that will tell the system what font size to use.
<ad-content type="rtf">ZGZnIGRmZyBkZmcgZGZnIGRmZyBkZmcgZGZnIGRmZyBkZmcgZGZnIGRmZyBkZmcgZGZnIGQ=</ad-content>
I'm also trying to encode an additional field within the "ad-content type". The present code looks like this:
<ad-content type=\"rtf\">".htmlentities(base64_encode($ad->text))."</ad-content>";
I need to add "($ad->photo_file_name)" to the above, so that the "ad->text" and the "ad->photo_file_name" are within the ad-content type that is being decoded. Hope that makes sense, appreciate ant help, Thanks! Hi, I am trying to get some charecters to display properly in emails that are sent via a form on my site. The finnish characters ä and ö come out as squares when viewed in Outlook. I have tried various encoding types such as UTF-8 and Western European (dreamweaver), both as the script encoding and as the encoding in the mail() function. $body = 'Sähköposti:' ; mail($salesEmail, "Call Back Request", $body, "MIME-Version: 1.0\r\nContent-type: text/html; charset=utf-8\r\nFrom: $salesEmail") ; = 'S�hk�posti:' or just squares in Outlook. I have also tried hard coding them as ä and ö and the symbol literals to no effect. Does anyone know what is causing this? |