Jump to content

How to pass HTML Tags through base64_decode?

Monkuar

By Monkuar
in PHP Coding Help

 Share

Recommended Posts

Monkuar Advanced Member

Monkuar

Posted
Posted

Like let's say  I have

 

$message = base64_encode('<b>Hello</b>');

 

then i decode it

 

$decodedmessage = base64_decode($message);

 

it doesn't work and shows like

 

"<b[?? " or some weird numbers.

 

 

Hope u can help !

 

 

using htmlentitties works but just shows the characters , i need it to actually show html lol

Monkuar Advanced Member

Monkuar

Posted
  • Author
Posted

Just found a fix for enabling HTML IN BASE_64 ENCODING METHOD

 

USE THIS TO ENCODE:

 

 

base64_encode(rawurlencode($message));

 

 

 

TO DECODE USE:

 

rawurldecode(base64_decode($message));

 

 

Thanks, have nice day everyone!!!! Add this to the snippetS !

Christian F. Member

Christian F.

Posted
Posted

What? No! This is wrong, simply wrong.

There should be no need what so ever to use rawurlencode () and rawurldecode () here. That's only for adding data as GET parameters to an URL. Base64-encoding something would make the whole raw URL-encoding moot anyway, as it completely translates the string (to something potentially NOT-url compatible, btw).

 

You were doing something else wrong, and accidentally fixed it when adding the URL-encoding.

Monkuar Advanced Member

Monkuar

Posted
  • Author
Posted

What? No! This is wrong, simply wrong.

There should be no need what so ever to use rawurlencode () and rawurldecode () here. That's only for adding data as GET parameters to an URL. Base64-encoding something would make the whole raw URL-encoding moot anyway, as it completely translates the string (to something potentially NOT-url compatible, btw).

 

You were doing something else wrong, and accidentally fixed it when adding the URL-encoding.

 

Lol, i don't know.

 

w/e I did, it works though and html works haha.

 

I just have a simple redirection page

 

redirect("rofl.php?=1", " Thanks, page edited! ");

 

and then I just encode both those values in base64 and rawurl and pass them through $_GET so it looks sexy in the web address bar with encoded numbers/letters, the html wasn't working so I tried this way I posted and it worked? Blah

 

edit: mind you, no databases or nothing is involved here

Christian F. Member

Christian F.

Posted
Posted

If you pass the base64-encoded value in the URL, then you'd need to URL-encode them, yes. However, that should only be done after base64-encoding them, seeing as it's the equal signs used for padding that gets messed up in that case. If it worked the other way around, as posted above, then this was purely by coincidence as the string became long enough not to require padding.

Should have noted that you were sending the result via GET though, in the first place.

 

That said: I'd never send any kind of static page-content via the browser. That's just asking for an attacker to abuse it. What I'd done is to set a status value in the URL, and then check for it on the server-side. If set (properly), then show the confirmation message. Simple, clean and secure.

This thread is more than a year old. Please don't revive it unless you have something important to add.

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.

Guest
Reply to this topic...

×   Pasted as rich text.   Restore formatting

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.

×
 Share
Go to topic listing
×
×
  • Create New...

Important Information

We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.