[SOLVED] how to catch a >?< in the url please.

redarrow · February 9, 2009

advance thank you.

I want to catch any body that enters any think, in the query string but don't,

seem to no the code, can you help please.

<?php
//.'?' add that to $x will work as a test.

$x=$_SERVER['REQUEST_URI'];

$x=explode('.php',$x);

if(in_array('?',$x)){

echo " oi oi oi oi no no no no no";

exit;
}

?>

not working iver

<?php
//.'?' add that to $x will work as a test.

$x=$_SERVER['QUERY_STRING'];

$x=explode('.php',$x);

if(in_array('?',$x)){

echo " oi oi oi oi no no no no no";

exit;
}

?>

unkwntech · February 9, 2009

I probably can but first I would have to understand your question, what is you the input you are expecting and what are you trying to do with it?

redarrow · February 9, 2009

If a user is on the index page, and wanted to guess, variables,

i want to stop him/her by adding at the top off the page a way to see if a ? is aft her the .php

can you help please.

i have tried every think passable so far need help.

Prismatic · February 9, 2009

If a user is on the index page, and wanted to guess, variables,

i want to stop him/her by adding at the top off the page a way to see if a ? is aft her the .php

can you help please.

i have tried every think passable so far need help.

Just turn register globals off.

redarrow · February 9, 2009

register_globals = Off

there off mate

they been off for years lol, what code can i use the to detect any ? after the .php

if you went to the index.php and added the ? and let the page load i want a error .

Prismatic · February 9, 2009

Well you could do parse_url but I just tested it and it doesn't work for the current page

print_r(parse_url($_SERVER['PHP_SELF']));

Prints

Array ( [path] => /url.php )

Do you mean you dont want people to guess variables you use in $_GET requests? If your script is properly set up and secured nobody should be able to adversely tamper with your script anyway.

redarrow · February 9, 2009

if a user is a school child hacker and added the ? aft her the index.php page i want him to get a error message.

ratcateme · February 9, 2009

if(strpos($_SERVER,"?")!== false){
echo "you put a ? in the URL ";
exit;
}

that what you want??

Scott.

trq · February 9, 2009

if(strpos($_SERVER,"?")!== false){
echo "you put a ? in the URL ";
exit;
}

that what you want??

Scott.

I'm not sure what that meant to do, $_SERVER is an array for starters.

if (isset($_SERVER['QUERY_STRING'])) {
  // do whatever.
}

Prismatic · February 9, 2009

if(strpos($_SERVER,"?")!== false){
echo "you put a ? in the URL ";
exit;
}

that what you want??

Scott.

That probably doesn't work when PHP is in safe mode. I just tested it and got nothing.

redarrow · February 9, 2009

tried this as well , cheers ill try yours as well thank you.

<?php

$url=$_SERVER['PHP_SELF'].'?';

if(preg_match("/(\.php\?)/",$url ,$match)){

print_R($match);

echo " oi oi oi oi no no no no no";

exit;
}

?>

ratcateme · February 9, 2009

sorry i meant

$_SERVER['REQUEST_URI']

if(strpos($_SERVER['REQUEST_URI'],"?")!== false){
echo "you put a ? in the URL ";
exit;
}

Scott.

redarrow · February 9, 2009

tried every example never worked so can you try the way i am trying.

you create a page you then enter a ? at the end example me.php?

then get a error dose not work.

tried every example.

unkwntech · February 9, 2009

<?php

$url=$_SERVER['PHP_SELF'].'?';

if(preg_match("/(\.php\?)/",$url ,$match)){

print_R($match);

echo " oi oi oi oi no no no no no";

exit;
}

?>

The if in the above code will always return TRUE because you are adding the ? just do this:

<?php
if(preg_match('/\.php\?/', $_SERVER['REQUEST_URI']))
{
     die('oi oi oi oi no no no no no');
}

ratcateme · February 9, 2009

what exactly are you trying to achive

i put this code in test.php

<?php
if(strpos($_SERVER['REQUEST_URI'],"?")!== false){
echo "you put a ? in the URL ";
exit;
}
echo "you are ok";

and then went to

/test.php

and got "you are ok"

then went to

/test.php?

and got "you put a ? in the URL "

isn't that what you want?

Scott.

redarrow · February 9, 2009

yes all the examples work with a new loaded page it my fault your all correct.

This seems to be the better way theo, cheers everyone.

<?php
if(preg_match('/\.php\?/', $_SERVER['REQUEST_URI']))
{
     exit('oi oi oi oi no no no no no');
}
?>

trq · February 9, 2009

if your only looking to see if variables where passed through the url this will work.

if ($_SERVER['QUERY_STRING'] != '') {
  echo "the querystring holds variables";
} else {
  echo "the querystring is empty";
}

Sign In

[SOLVED] how to catch a >?< in the url please.

Recommended Posts

Link to comment

Share on other sites

Link to comment

Share on other sites

Link to comment

Share on other sites

Link to comment

Share on other sites

Link to comment

Share on other sites

Link to comment

Share on other sites

Link to comment

Share on other sites

Link to comment

Share on other sites

Link to comment

Share on other sites

Link to comment

Share on other sites

Link to comment

Share on other sites

Link to comment

Share on other sites

Link to comment

Share on other sites

Link to comment

Share on other sites

Link to comment

Share on other sites

Link to comment

Share on other sites

Link to comment

Share on other sites

Archived

Important Information