1

I used the PHP's urlencode and INSERTED to the database using PDO bindParamiter....

I KNOW I SHOULD NOT CARE ABOUT urlencoding the DATA and that I SHOULD let PHP-PDO Sanitize

but, some how I would like to urlencode first be fore databasing.

Something like:

if(isset($_POST['url']))  {

$_POST['url'] = urlencode($_POST['url']);

//INSERT QUERY:
"INSERT INTO table_name (url_1) VALUES (:url_1)"

PDO Binding:

 /*** bind the paramaters ***/
        $stmt->bindParam(':url_1', $_POST['url'])
}

To retrieve the data: PHP 

    if(isset($_GET['url_string'])){

    //RUN Select Query using PDO Mysql

    $getURL = "SELECT url_1 FROM table_name"

    //The $getURL variable will contain an associative array like: 

   // array [0]['url_1'] ///This will be the valued inserted previously.

    ///Then json_encode()

    $sendOut = json_encode(array('url_DATA' => $getURL))

    echo $sendOut;
    }

The PROBLEM:

I am using jQuery's $.getJSON function to get the data from the Database.

Something like:

$.getJSON('ulr.func.php',{url_string:""},function(myOutPut){


    // Then I decode the URL retrieved from the DATABASE here.

      decodeURIComponent(myOutPut.url_DATA)

The decodeURIComponent Screams:

URIError: malformed URI sequence

})

In Firebug Console under Response I see the perfect desired output something like:

[{"unit_id":"46","unit_name":"21A","unit_pic_url":"*uProf/46/pcs/pdsp/p500/c2f971b1e92b2dce68489198cf0a300a_158_15875.jpg*uProf/46/pcs/pdsp/p500/b5c4045574cb0f927fb096b6369f4ba5_78_72234.jpg*uProf/46/pcs/pdsp/p500/6fb26702857b0f464c543a9c13a1f7b1_333_228657.jpg*uProf/46/pcs/pdsp/p500/69c18d8cbf8e940b23f9abe8138d0e7f_303_211896.jpg*uProf/46/pcs/pdsp/p500/9e74b1d7d037cd9de95c0b78522e04a2_321_79258.jpg","unit_default_pic":"uProf/46/pcs/pdsp/p500/c2f971b1e92b2dce68489198cf0a300a_158_15875.jpg","unit_building":"21","unit_building_name":"ELIZABETH+PLACE","unit_location":"4","location_name":"Salcedo+Village","city":"2","city_name":"Makati","unit_for":"1","unit_type":"2","unit_size":"109sqm","unit_improvements":"Fully+Furnished","unit_view":"Elizabeth+Place","unit_condition":"Well+Maintained","unit_status":"Vacant+","unit_availability":"Anytime","unit_parkings":"1","unit_price":"75,000.00","unit_amenities":"Swimming+pool%2CGym+and+Function+Room","unit_proximities":"+Near+Salcedo+Village","unit_remarks":"2+Bedroom+For+Rent+%40+ELIZABETH+PLACE%0D%0ADescription%3A+FULLY+FURNISHED+%0D%0AAsking+Price%3A+P75%2C000+inclusive+association+dues+%0D%0AFloor+Area%3A109+sqm%0D%0AFloor+level%3A+Higher-floor%0D%0AContact+Person%3A+Ms.+Angel+Velo%0D%0ACel+no.+%3A+09175790257%2F+09989748767%0D%0ATel+no.%3A+894-4745%2F+979-4842","unit_map":"%3Ciframe+width%3D%22425%22+height%3D%22350%22+frameborder%3D%220%22+scrolling%3D%22no%22+marginheight%3D%220%22+marginwidth%3D%220%22+src%3D%22https%3A%2F%2Fmaps.google.com.ph%2Fmaps%3Ff%3Dq%26amp%3Bsource%3Ds_q%26amp%3Bhl%3Den%26amp%3Bgeocode%3D%26amp%3Bq%3Delisabeth%2Bplace%2Bmakati%2Csalcedo%2Bvillage%26amp%3Baq%3D%26amp%3Bsll%3D14.546956%2C121.05351%26amp%3Bsspn%3D0.007685%2C0.013078%26amp%3Bie%3DUTF8%26amp%3Bhq%3Delizabeth%2Bplace%2Bmakati%2Csalcedo%2Bvillage%26amp%3Bhnear%3D%26amp%3Bll%3D14.561158%2C121.022669%26amp%3Bspn%3D0.030738%2C0.052314%26amp%3Bt%3Dm%26amp%3Bz%3D14%26amp%3Biwloc%3DA%26amp%3Bcid%3D8098826603847629943%26amp%3Boutput%3Dembed%22%3E%3C%2Fiframe%3E%3Cbr+%2F%3E%3Csmall%3E%3Ca+href%3D%22https%3A%2F%2Fmaps.google.com.ph%2Fmaps%3Ff%3Dq%26amp%3Bsource%3Dembed%26amp%3Bhl%3Den%26amp%3Bgeocode%3D%26amp%3Bq%3Delisabeth%2Bplace%2Bmakati%2Csalcedo%2Bvillage%26amp%3Baq%3D%26amp%3Bsll%3D14.546956%2C121.05351%26amp%3Bsspn%3D0.007685%2C0.013078%26amp%3Bie%3DUTF8%26amp%3Bhq%3Delizabeth%2Bplace%2Bmakati%2Csalcedo%2Bvillage%26amp%3Bhnear%3D%26amp%3Bll%3D14.561158%2C121.022669%26amp%3Bspn%3D0.030738%2C0.052314%26amp%3Bt%3Dm%26amp%3Bz%3D14%26amp%3Biwloc%3DA%26amp%3Bcid%3D8098826603847629943%22+style%3D%22color%3A%230000FF%3Btext-align%3Aleft%22%3EView+Larger+Map%3C%2Fa%3E%3C%2Fsmall%3E","unit_display_mode":"1","added_by":"Angel_Baldo_Velo","added_by_email":"eirishanjelavelo@yahoo.com","added_date":"2013-12-05 01:17:08","stags":"2BR, 109sqm, ELIZABETH+PLACE, [1] Parking(s), Vacant+, Makati"}]

EDIT *This is Copied and Pasted here:* http://meyerweb.com/eric/tools/dencoder/

and Produces NO ERROR but decodes perfectly as desired.

What are they doing so that their site could easily decode the encoded data?... Any suggestion is highly appreciated.

Universal Grasp
  • 1,835
  • 3
  • 20
  • 29
  • `urlencode()`ing data before inserting it into a database is completely pointless. It serves no security purpose whatsoever, and can inflate your data to up to 2-3 times their original size. So why do it? – Pekka Dec 16 '13 at 06:43
  • If that's the case then how come http://meyerweb.com/eric/tools/dencoder/ easily decodes the output? with **NO ERROR** ... What could they possibly be doing to be able to decode data is such a structure? – Universal Grasp Dec 16 '13 at 06:51
  • I'm not sure what goes wrong, but it arguably doesn't really matter either. URLencoding is *completely unnecessary* in this situation. There is no reason to be doing it in the first place. – Pekka Dec 16 '13 at 06:59
  • Still that does not direct me to the reason why am getting the Error... My Point is if the OutPut data was being affected by the urlencode() then what could possibly be the reason why the same String is being well decoded in the decoder with _no error_ but _Errors_ in the Application?.. – Universal Grasp Dec 16 '13 at 07:04
  • I mean what if the data had to be `urlencoded` anyway?.. or you mean that the `urlencode` function is kind of _deprecated_? nothing says that here: http://php.net/function.urlencode . Please _Educate me_ . thx – Universal Grasp Dec 16 '13 at 07:13

1 Answers1

2

I think you can try to unescape first the string then decodeURI later because PHP-PDO escapes stuffs in your string.

user2742774
  • 21
  • 2