Curious if anyone knows if codeigniter's form validation built in max_length[n] and min_length[n] functions count unicode characters as 1 character or the sum of all the characters used symbolize the unicode character?
I noticed when I var_dump the string it counts all the characters, just wondering if code igniter or php has a built in function to count unicode characters?
Thanks.
You can make your own callback validation:
$this->form_validation->set_rules('rule', 'The rule', 'callback_checkUnicode');
And the check the unicode string>
public function checkUnicode($string)
{
if (strlen($string) != strlen(utf8_decode($string)))
{
//is unicode: add your own counter condition here
return true;
}
return false
}
Codeigniter uses php's mb_strlen if it's available on your php installation which allows for an encoding parameter to be passed along, otherwise it defaults to php's basic strlength which doesn't allow you to pass the string encoding along. The trouble is that CI doesn't give you the ability to pass along the possible encoding for max_length[n]...
If you need it to compensate for the encoding, you might be better served rolling your own validation with just raw php.
Related
I have created an endpoint that accepts a string in its request param
#GetMapping(value = "/validate")
private void validateExpression(#RequestParam(value = "expression") String expression) {
System.out.println(expression);
// code to validate the input string
}
While sending the request from postman as
https://localhost:8443/validate?expression=Y07607=Curr_month:Y07606/Curr_month:Y07608
// lets say this is a valid input
console displays as
Y07607=Curr_month:Y07606/Curr_month:Y07608 Valid
But when i send
https://localhost:8443/validate?expression=Y07607=Curr_month:Y07606+Curr_month:Y07608
//which is also an valid input
console displays as
Y07607=Curr_month:Y07606 Curr_month:Y07608 Invalid
I am not understanding why "+" is not accepted as parameter.
"+" just vanishes till it reaches the api! Why?
I suggest to add this regular expression to your code to handle '+' char :
#GetMapping(value = "/validate")
private void validateExpression(#RequestParam(value = "expression:.+") String expression) {
System.out.println(expression);
// code to validate the input string
}
I didn't find any solution but the reason is because + is a special character in a URL escape for spaces. Thats why it is replacing + with a " " i.e. a space.
So apparently I have to encode it from my front-end
Its wise to encode special characters in a URL. Characters like \ or :, etc.
For + the format or value is %2. You can read more about URL encoding here. This is actually the preferred method because these special characters can sometimes cause unintended events to occur, like / or = which can mean something else in the URL.
And you need not worry about manually decoding it in the backend or server because it is automatically decoded, in most cases and frameworks. In your case, I assume you are using Spring Boot, so you don't need to worry about decoding.
I am looking at the Content Encoding field in the HTTP Request sampler. Don't confuse this with the HTTP Content-Type header.
By default the value in the Content Encoding field is empty. What does empty mean? What is the default content encoding for jmeter HTTPRequest? Is it ASCII or ANSI or UTF-8?
This guide only mentions that it is not a required field.
Dmitri's answer points to code related to encoding of query strings, but this led me to looking at the code of PostWriter class which creates the actual body of the request - and if sampler does not provide a content encoding - ISO-8859-1 is used for encoding of the body:
public static final String ENCODING = StandardCharsets.ISO_8859_1.name();
...
String contentEncoding = sampler.getContentEncoding();
if(contentEncoding == null || contentEncoding.length() == 0) {
contentEncoding = ENCODING;
}
To point out why I downvoted the reply above (Dmitri T's answer):
I had issues with spanish accents and characters, and I spent hours trying to figure it out, assuming the above answers: that leaving it blank is equivalent to UTF-8. After specifically setting it to UTF-8, no more spanish characters issues.
SO, DO NOT LEAVE BLANK IF YOU NEED UTF-8.
As per JMeter 5.2
Looking into HTTPSamplerBase.java:1136
// Check if the sampler has a specified content encoding
if (JOrphanUtils.isBlank(lContentEncoding)) {
// We use the encoding which should be used according to the HTTP spec, which is UTF-8
lContentEncoding = EncoderCache.URL_ARGUMENT_ENCODING;
}
Looking into EncoderCache:31
/** The encoding which should be usd for URLs, according to HTTP specification */
public static final String URL_ARGUMENT_ENCODING = StandardCharsets.UTF_8.name();
So leaving the field blank is equal to setting it to UTF-8
Given this ApiController:
public string TestString() {
return "The value is: " + 1.23;
}
public double TestDouble() {
return 1.23;
}
With the browser's language set to "fr-FR", the following happens:
/apiController/TestString yields
<string xmlns="http://schemas.microsoft.com/2003/10/Serialization/">The value is: 1,23</string>
/apiController/TestDouble yields
<double xmlns="http://schemas.microsoft.com/2003/10/Serialization/">1.23</double>
I would expect TestDouble() to yield 1,23 in the XML. Can anyone explain why this isn't the case and, more importantly, how to make it so that it does?
It is because the conversion from double to string happens at different stage for each API. For the TestString API, double.ToString() is used to convert the number to a string using CurrentCulture of the current thread and it happens when the TestString method is called. Meanwhile, the double number which is returned by TestDouble is serialized to string during the serialization step which uses GlobalConfiguration.Configuration.Formatters.JsonFormatter.SerializerSettings.Culture.
In my opinion, both should use InvariantCulture. On the consumer side, the values will be parsed and be formatted with the correct culture.
Update: this is only used for JsonFormatter. XmlFormatter doesn't have such a setting.
Update 2:
It seems (decimal) numbers need special converter to make it culture-aware:
Handling decimal values in Newtonsoft.Json
Btw, if you want o change data format per action/request, you can try the last piece of code of the following link: http://tostring.it/2012/07/18/customize-json-result-in-web-api/
I have the same problem as the people below, but the solutions offered for them does not work for me.
CodeIgniter - disallowed key characters
CodeIgniter Disallowed Key Characters
Disallowed key characters error message in Codeigniter (v2)
I get "Disallowed Key Characters" when I submit a form.
I have CSRF protection enabled, and I am using arrays in my form field names (i.e., search[] as the name as there are multiple selection dropdown options). I have a feeling it is the "[]" in the form name that bothers this form.
I have followed all advice I could see in the posts above.
I disabled CSRF temporarily,
I disabled XSS temporarily,
I edited $config['permitted_uri_chars'] and
I edited Input.php where this message is generated.
Anybody has any additional ideas of what could cause this problem on form submission?
Thanks!
Like my answer here — you just need to update the regex in MY_Input->_clean_input_keys() to allow more characters (eg escaped JSON, or escaped HTML/XML)
Allow just 'English': !preg_match("/^[a-z0-9\:\;\.\,\?\!\#\#\$%\^\*\"\~\'+=\\\ &_\/\.\[\]-\}\{]+$/iu", $str)
Allow Chinese Characters: !preg_match("/^[a-z0-9\x{4e00}-\x{9fa5}\:\;\.\,\?\!\#\#\$%\^\*\"\~\'+=\\\ &_\/\.\[\]-\}\{]+$/iu", $str)
My full working function looks like this:
public function _clean_input_keys($str) {
// NOTE: \x{4e00}-\x{9fa5} = allow chinese characters
// NOTE: 'i' — case insensitive
// NOTE: 'u' — UTF-8 mode
if (!preg_match("/^[a-z0-9\x{4e00}-\x{9fa5}\:\;\.\,\?\!\#\#\$%\^\*\"\~\'+=\\\ &_\/\.\[\]-\}\{]+$/iu", $str)) {
/**
* Check for Development enviroment - Non-descriptive
* error so show me the string that caused the problem
*/
if (is_env_dev()) {
var_dump($str);
}
exit('Disallowed Key Characters.');
}
// Clean UTF-8 if supported
if (UTF8_ENABLED === TRUE) {
return $this->uni->clean_string($str);
}
return $str;
}
my_helper.php
if (!function_exists('is_env_dev')) {
function is_env_dev() {
return (
defined('ENVIRONMENT') && strtolower(ENVIRONMENT) == 'development' ||
defined('ENVIRONMENT') && strtolower(ENVIRONMENT) == 'testing'
);
}
}
Thanks, but I found a comment hidden way below (right at the bottom at the time of this writing) on another post here: CodeIgniter Disallowed Key Characters
The comment suggested that I add $str to the exit() comment to test. This indicated that I had a missing double quote in my form fields. It is a very complex form built up dynamically, with 300 lines of code, so easy to miss.
Hope this answer (and the comment that inspired it) helps someone else.
Validating the source of the output could prevent problems such as this one :-)
Regards
In CodeIgniter, how do i validate phone numbers containing '+' and '-' symbols?
You cannot enter a number with "-" since you defined integer as the validation rule. Therefore, the validation will fail. You need to work with RegEx so that you can create more complex validation. See the topic on validations in the CI manual for more info.
Your validation rule:
$this->form_validation->set_rules('foo', 'Number', 'callback_number_validation');
Note how the keyword callback_ is used to identify CI your function for validation.
Your callback function:
//$str will be the value you want to verify
function number_validation($str) {
return preg_match("your_regex", $str) ? true: false;
}