l4ci Posted March 3, 2011 Share Posted March 3, 2011 Hey there, wondering if anyone knows what this topic will be about okay lets start: I have a search function on my site. Basically I do this: if $_POST -> redirect ?search=$_POST if $_GET['search'] - > sql_query($search); Of course I am working with functions like mysql_real_escape_string - addslashes - htmlspecialchars , but I have the following problem: when redirecting chars like & % ? ! kill my $_GET var. Which function solves this? My solution: I convert every char in $_POST into an ascii code -> redirect ?search=$ascii_codes convert back into $string and do safe search. Link to comment https://forums.phpfreaks.com/topic/229484-safe-site-search-via-ascii/ Share on other sites More sharing options...
l4ci Posted March 3, 2011 Author Share Posted March 3, 2011 urlencode() does the trick anway if someone needs to convert a string into an asci string and back here you go: Convert into ASCII: $wort = trim(stripslashes($wort)); $c = strlen($wort); $asci = ""; $i = 0; while($i<=$c){ if($i != $c){ $asci .= ord($wort[$i]); if($i+1 != $c){ $asci .= "_"; } } $i++; } $query = $asci; Convert back: $asci = trim($asci); $array = explode("_",$asci); $string = ""; foreach ($array as $value){ $string .= chr($value); } Link to comment https://forums.phpfreaks.com/topic/229484-safe-site-search-via-ascii/#findComment-1182340 Share on other sites More sharing options...
Recommended Posts
Archived
This topic is now archived and is closed to further replies.