#1
  1. Contributing User
    Devshed Novice (500 - 999 posts)

    Join Date
    Sep 2006
    Posts
    618
    Rep Power
    15

    Url encode and spaces


    I have members on my site with usernames that contain characters like +

    I can use urlencode to get the username to work with the database fine
    PHP Code:
    urlencode($row['name']) 
    The problem is when i get a member that has a space in their name, it substitutes the spaces for %20, which then can not be found in the database. Is there a better way than using url encode or a way of solving it?
  2. #2
  3. Confusing Moderator
    Devshed Supreme Being (6500+ posts)

    Join Date
    Mar 2007
    Location
    Washington, USA
    Posts
    15,932
    Rep Power
    9570
    Originally Posted by Desbrina
    I can use urlencode to get the username to work with the database fine
    Dare I ask what you mean by that?
  4. #3
  5. Null Pointer Exception
    Devshed Loyal (3000 - 3499 posts)

    Join Date
    Mar 2006
    Location
    america
    Posts
    3,306
    Rep Power
    1582
    typically if you urlencode() a string, its to send it to another page as a GET variable, on the page that receives the GET variable usually uses urldecode() to reverse what urlencode() does and get the original string.

    It sounds like your trying to use it for something totally unrelated to it's purpose. Perhaps you shoudl explain more or post some code.
  6. #4
  7. Contributing User
    Devshed Novice (500 - 999 posts)

    Join Date
    Sep 2006
    Posts
    618
    Rep Power
    15
    This is the current code for the user page
    PHP Code:
    $user mysql_real_escape_string($_GET['user']);
        
    $sql "SELECT *
        FROM user_templates
        WHERE user = '"
    .$user."'
        LIMIT 1"
    ;
        
    $result mysql_query($sql);
        if(
    mysql_num_rows($result) == 0) {
            echo 
    "User: \"".$_GET['user']."\"<br />SQL: ".$sql."<br />";
            die(
    "Error Loading Template Data");
        } else {
            while (
    $row mysql_fetch_array($result)) {
                
    $order = array("bcolour" => $row['bcolour'], "fcolour" => $row['fcolour'], "place1" => $row['place1'], "place2" => $row['place2'], "place3" => $row['place3'], "place4" => $row['place4'], "place5" => $row['place5'], "place6" => $row['place6'], "place7" => $row['place7'], "place8" => $row['place8'], "place9" => $row['place9'], "place10" => $row['place10'], "place11" => $row['place11'], "place12" => $row['place12'], "place13" => $row['place13'], "place14" => $row['place14'], "place15" => $row['place15']);
            }
        } 
    What i'm trying to do is when a user types the url for a members page in it works correctly. currently for characters such as + it doesn't

    When doing it from the memberlist the +Britt+ gets changed to %2BBritt%2B and the sailor moon rocks gets changed to sailor+moon+rocks which works fine.

    If i type the users name in to the url. ie: http://midnighttempest.com/users/user.php?user=+Britt+

    i get the following error
    User: " Britt "
    SQL: SELECT * FROM user_templates WHERE user = ' Britt ' LIMIT 1
    Error Loading Template Data
  8. #5
  9. No Profile Picture
    I haz teh codez!
    Devshed Frequenter (2500 - 2999 posts)

    Join Date
    Dec 2003
    Posts
    2,574
    Rep Power
    2341
    Why the hell would you store a user's name in the DB with leading and trailing spaces? This is a design problem. If you really *want* leading and trailing spaces, they should be added at output. Fix that, not this silliness. That way lies madness.
  10. #6
  11. Contributing User
    Devshed Novice (500 - 999 posts)

    Join Date
    Sep 2006
    Posts
    618
    Rep Power
    15
    I'm not storing leading and trailing spaces in the database. The username is +Britt+ but the SQL statement is only picking up ' Britt ', not the +'s.

    Comments on this post

    • ptr2void agrees : Sorry I misunderstood
  12. #7
  13. Null Pointer Exception
    Devshed Loyal (3000 - 3499 posts)

    Join Date
    Mar 2006
    Location
    america
    Posts
    3,306
    Rep Power
    1582
    you shouldnt have +Britt+ put into a GET variable like that it should instead be

    %2BBritt%2B
    (use urlencode() to generate that string), on the page that is comparing that username against the database, should do something like this

    PHP Code:
     $user mysql_real_escape_string(urldecode($_GET['user']));
        
    $sql "SELECT *
        FROM user_templates
        WHERE user = '"
    .$user."'
        LIMIT 1"
    ;
        
    $result mysql_query($sql);
        if(
    mysql_num_rows($result) == 0) {
            echo 
    "User: \"".$_GET['user']."\"<br />SQL: ".$sql."<br />";
            die(
    "Error Loading Template Data");
        } else {
            while (
    $row mysql_fetch_array($result)) {
                
    $order = array("bcolour" => $row['bcolour'], "fcolour" => $row['fcolour'], "place1" => $row['place1'], "place2" => $row['place2'], "place3" => $row['place3'], "place4" => $row['place4'], "place5" => $row['place5'], "place6" => $row['place6'], "place7" => $row['place7'], "place8" => $row['place8'], "place9" => $row['place9'], "place10" => $row['place10'], "place11" => $row['place11'], "place12" => $row['place12'], "place13" => $row['place13'], "place14" => $row['place14'], "place15" => $row['place15']);
            }
        } 

    notice the use of urldecode on line 1.....

    when you use urldecode it turns the string back into +Britt+, which should be the string in the database that you are looking for.

    btw what is up with this

    PHP Code:
    while ($row mysql_fetch_array($result)) {
                
    $order = array("bcolour" => $row['bcolour'], "fcolour" => $row['fcolour'], "place1" => $row['place1'], "place2" => $row['place2'], "place3" => $row['place3'], "place4" => $row['place4'], "place5" => $row['place5'], "place6" => $row['place6'], "place7" => $row['place7'], "place8" => $row['place8'], "place9" => $row['place9'], "place10" => $row['place10'], "place11" => $row['place11'], "place12" => $row['place12'], "place13" => $row['place13'], "place14" => $row['place14'], "place15" => $row['place15']);
            } 
    you should think about using mysql_fetch_assoc()
    Last edited by misterdanny; May 24th, 2008 at 09:04 AM.
  14. #8
  15. Contributing User
    Devshed Novice (500 - 999 posts)

    Join Date
    Sep 2006
    Posts
    618
    Rep Power
    15
    but the problem i'm faced with is telling all the users to replace that character and characters like it, therefore having to look the replacement up everytime a new one is used
  16. #9
  17. Null Pointer Exception
    Devshed Loyal (3000 - 3499 posts)

    Join Date
    Mar 2006
    Location
    america
    Posts
    3,306
    Rep Power
    1582
    that doesnt really make any sense, the replacement strings/characters dont ever change, theyve been the same for a while.

    you should really just make it so they can't put special cahracters in their name if you want to make it easier to type in URLs, or have a page to type in a username and have it urlencode() the name for them.
  18. #10
  19. Contributing User
    Devshed Novice (500 - 999 posts)

    Join Date
    Sep 2006
    Posts
    618
    Rep Power
    15
    what i meant was, i have to tell the members when they want to go directly to the users page that they must remember to replace + with %2B. And when someone else signs up that uses a different character to +, say ~, i have the same problem. I think the easiest solution will be to stop people from using these characters, even though i don't want to

    What's the easiest way to allow numbers, letters and spaces in a name but nothing else.
  20. #11
  21. Null Pointer Exception
    Devshed Loyal (3000 - 3499 posts)

    Join Date
    Mar 2006
    Location
    america
    Posts
    3,306
    Rep Power
    1582
    just do what I said, have a page that urlencodes the name for them


    type in username here ______ and click submit to view that users profile
  22. #12
  23. Contributing User
    Devshed Novice (500 - 999 posts)

    Join Date
    Sep 2006
    Posts
    618
    Rep Power
    15
    i have a page that does that already, i meant for if someone types it directly into the address bar
  24. #13
  25. Null Pointer Exception
    Devshed Loyal (3000 - 3499 posts)

    Join Date
    Mar 2006
    Location
    america
    Posts
    3,306
    Rep Power
    1582
    theres nothing you can do besides not allow special characters or get them to memorize how to urlencode strings in their head in that case.
  26. #14
  27. Confusing Moderator
    Devshed Supreme Being (6500+ posts)

    Join Date
    Mar 2007
    Location
    Washington, USA
    Posts
    15,932
    Rep Power
    9570
    Attempt to use the name as-is, but if that doesn't return any matches, urlencode() it and try again.
    Thus /+Britt+ won't work for " Britt ", but if you urlencode() that you'll get "+Britt+" and it will work.

    Problem is if there's another user named " Britt "...
  28. #15
  29. No Profile Picture
    Contributing User
    Devshed Beginner (1000 - 1499 posts)

    Join Date
    May 2006
    Location
    I'm sneaking up behind you.
    Posts
    1,490
    Rep Power
    834
    If you have some kind of integer that is unique to each user in the user_templates table, you can use that instead of names in the url. Downside: users will have to remember the number unique to them.
    Another idea (more painstaking one): Create a copy of the table. Change the user names; allow only alphabets, digits and underscores, remove everything else. See if you have any duplicates. If yes, change the duplicates in some way. Notify the users of the change in names.
    Why do we always seek someone, something or some thought? Are we afraid of ourselves?

IMN logo majestic logo threadwatch logo seochat tools logo