How to pass safely text with URLs as a parameter to a CodeIgniter controller?

Question

I'm trying to send from JavaScript, by using jQuery, via AJAX, a string that might contain one or more URL's.

That text will be recieved by a CodeIgniter controller.

I'm having some errors. Sometimes it's a 404 error or other times is a 406 error depending on the way I send the data.

Right now I send it like this:

var dsPost = encodeURIComponent(base64_encode(postContent));

$.ajax({
    url: "/posts/createTextPost/" + dsPost,
    type: "POST",
    data: "userIdWall" + "=" + userIdWall,
    success: function(data, textStatus, jqXHR) {

    },
    error: function (jqXHR, textStatus, errorThrown) {

    }
});

The base64_encode fn is the phpjs implementation.

In the CI controller I do this:

public function createTextPost($dsPost) {
    $dsPost = base64_decode(urldecode($dsPost));
}

The thing is, the data can be saved to the database but I can't understand why the 404 error.

Any ideas?

Thanks.

Answer 1

base64_encode() function sometimes add / in encoded string so the Codeigniter action method behaving like second paramameter

In case Encoded String like: qwqw221@1223/dds*(ewfd)

than issue with ci

string part after "/" char behaving like 2 ^nd param

'*' is not allowed char

So you should use GET query string instead of CI param

Like

url: "/posts/createTextPost/?crypt=" + dsPost

And get query sting in CI controller action

public function createTextPost() {
     $dsPost = base64_decode(urldecode($this->input->get("crypt")));
}

Answer 2

I would recommend to add the dsPost to your data in the AJAX call, instead of adding it as a parameter to the url:

$.ajax({
    url: "/posts/createTextPost/",
    type: "POST",
    data: { "dsPost": dsPost, "userIdWall", userIdWall },
    success: function(data, textStatus, jqXHR) {
      // Yippie!
    },
    error: function (jqXHR, textStatus, errorThrown) {
      // Bhuhuhu....
    }
});

...and then update your CI controller to work with the posted object instead of the input parameter:

public function createTextPost() {
  $dsPost = base64_decode( urldecode( $this->input->post('dsPost') ) );
  userIdWall = $this->input->post('userIdWall');
}

Answer 3

You have to send the content through ajax data like below.

$.ajax({
//double check your url setting in this way in case you have diffrent setting for index.php      then remove the index.php
url: "<?=base_url()?>.index.php/posts/createTextPost/",

type: "POST",
data: { 
       "dsPost": dsPost, 
       "userIdWall", userIdWall 
},
success: function(data, textStatus, jqXHR) {

},
error: function (jqXHR, textStatus, errorThrown) {

}
});

then in your controller

public function createTextPost() {
$dsPost = base64_decode( urldecode( $this->input->post('dsPost') ) );
$userIdWall=$this->input->post('userIdWall');

I hope it will help.

Answer 4

So, thanks for the ideas but the answer can be found here:

PHP/Apache Error:406 Not Acceptable

I quote the answer given there:

Your website is generating error if any user input item is starting with either http:// or https:// .

When I try with a link starting with http:// I got a 406 Not Acceptable :

http://onkore.us/?blah=http://www.google.com

It is fine when I try this :

http://onkore.us/?blah=www.google.com