Thread

Hi, does anybody know a way of allowing query strings to be used in specific controller?  Is there a way of using wildcards / reg expression explained in docs(URI routing) to be able to grab the variable and route it through to my controller without having to enable query strings across the board?

basically our payment gateway sends our customers back to a success or failure page and attaches a get value with details of the transaction.

e.g. http:/mysite/index.php/home/order_success?crypt=DycAHF1HGiA1WRU9

I know i could set up a subfolder outside of CI but i wouldn’t have the use of all my models which just means i’d have to write it all out again in vanilla PHP.

Thanks

I can’t remember if the stock htaccess can tell the difference between actual files, and files that do not exist but get routed through the CI controller.

Currently any file that does literally exist does not get processing through CI for me. I had this situation come up with paypal and did something to the tea of:

/paypal.php

header("Location: /paypal/process_transaction/" . $_GET['crypt']);

That is a down and dirty sample of what I did, as I didn’t do any data cleansing, but I hope you get the idea.

Also if anyone else has a better way, let me know. Two http requests are going to happen for each transaction this way.

you would simply post the transaction to example.com/paypal.php?crypt=df908as7dfd

edit:

I actually created a directory at the root called ‘bootstraps’ and this is where I place these type of situation files.

Thanks for the reply.

This seems like a good solution to the problem for now. Will implement that and see if I can come up with another way of getting round it.

A hackish solution is to define a MY_GET constant in the constants.php file the fetches the GET values

define('MY_GET',$_GET)

Then is doesn’t matter what your settings are.

Hi, thanks for reply.  I get this message using this method. 

Warning: Constants may only evaluate to scalar values in C:\wamp\www\mysite.co.uk\system\application\config\constants.php on line 4

I don’t know the inner workings of CI, so don’t really understand this solution.

Warning: Constants may only evaluate to scalar values

Have a look at http://php.net/define:

The value of the constant; only scalar and null values are allowed. Scalar values are integer, float, string or boolean values.

In order to use an array constant you’d have to serialize it.

It’s a php error. You can’t add an array as a value of a constant. So you have to work with

define('MY_GET',$_SERVER['QUERY_STRING']);

To get the key value(s) out from the string you can use this function

function get_pairs($key='')
{
   parse_str(MY_GET,$pairs);
   // all pairs
   if(empty($key))
   {
      return $pairs;
   }
   // some pairs
   if(is_array($key))
   {
      $keys = array_keys($pairs);
      $output = array();
      foreach($key as $k)
      {
         if(in_array($k,$keys))
         {
            $output[$k] = $pairs[$k];
         }
      }
      return $output
   }
   // a pair value
   if(isset($pairs[$key]))
   {
      return $pairs[$key];
   }
}

Another solution based on the same constant is to repopulate the GET global with the constant after the input class cleaned the globals. The pre_controller hook is best suited for this.

Thanks for these solutions.  I’ll have to dust off the old php book and read up on this.  I’m just a framework monkey really :cheese: but i’ll have a bash at this last solution.

In order to use an array constant you’d have to serialize it.

serializing is another solution but i don’t think it matters much if you do

parse_str(MY_GET,$pairs);

or

$pairs = unserialize(MY_GET);

in the function i wrote before.

I’m going to use the first solution given(so i can get the site up), until I have time to understand and implement the second solution.

the crypt that protx sends back is

DycAHF1HGiA1WRU9VFFGAG1kOChhYTYREgsKbi8mNAEbBipVAnd9HVsORhssSUMAbwNDO3N2eWxFdzRqXiJASH8RGhlGQD1lOX1XCx0FBUAqBgsMU1wiZUYGQWhJXlFhMSdOOUdBJjcEXwI5HQ0eW3k1DwsSZjs7FVMCKw8RHRt/FhY5R0EmFhkLRWlQUkcGYWQvLmF2GGpLcjAMKEQ/eg1iLTB3dgUdMhAwPA0WFEYqEAsLR1k6ZTh5JQg7Kyd8HQcqXmJaPSw1WRU9OwECQDU2UzZ9YR4KOWA4HCwgV3YPcDwdQUAiLEt4Pgw5Nj5jEAYrPBRyJz4Cdxg8VFRXBh0RCxtHRysLAlcFLRpZP3oNASY9cX4LHFB3HDccCgUIaHFASAI=

which poses a few problems.  Firstly it has ‘/’ in it so it looks like additional url segment, and secondly it has ‘=’ in it which is a disallowed character in config file.

Two questions really then. 

1. Is it secure to allow ‘=’ in the permitted_uri_chars.
2. Any ideas on how to overcome the ‘/’ problem (urlencode() perhaps?)

urlencode() and urldecode() should get rid of all those weird characters and all you to pass in the uri (may have to add additional allowable characters)

thanks i seem to be getting somewhere now.  Just an additional thought is there any way you could use the .htaccess file to grab the get variable using reg expression and rewrite the url.

not sure if this would be an easier solution or not?

Yeah you can.

Maybe something like this?

RewriteRule ^processor.php\?crypt=(.+)/?$ controller/method/processor/$1 [L]

You may also have to use RewriteCond %{QUERY_STRING}. I havn’t used the RewriteCondition before so I have no idea how to carry it to the rule below.

Edit: make sure this rule is above all the other rules

If you want the code of the second solution

// constants.php
define('GET_HACK',$_SERVER['QUERY_STRING']); 
// config.php
$config['enable_hooks'] = TRUE;
// hooks.php
$hook['pre_controller'] = array(
                                'function' => 'const_to_get',
                                'filename' => 'get_hack.php',
                                'filepath' => 'hooks',
                                );
// get_hack.php
function const_to_get()
{
   parse_str(GET_HACK,$_GET);
}

thanks xwero, trying to use your solution but I’m still struggling to implement it.  Read the docs on hooks and still can’t get it.

have set everything the following

// constants.php
define('GET_HACK',$_SERVER['QUERY_STRING']);
// config.php
$config['enable_hooks'] = TRUE;
// hooks.php
$hook['pre_controller'] = array(
                                'function' => 'const_to_get',
                                'filename' => 'get_hack.php',
                                'filepath' => 'hooks',
                                );
// get_hack.php
function const_to_get()
{
   parse_str(GET_HACK,$_GET);
}

so the payment gateway posts back to home/order_success

home/order_success?crypt=DycAHF1HGiA1WRU9VFFGAGBkOChhYTYREgsKYV4mR3NhdFlVCwR2HVt1RG8vSUdzHQNDPnd2dmAwDjVpKFwySH8RGhlGQD1lOX1XCx0FBUAqBgsMU1wiZUYGQWhJXlFhMSdOOUdBJjcEXwI5HQ0eW3k1DwsSZjs7FVMCKw8RHRt/FhY5R0EmFhkLRWlQU0cNb2QvLmF2GGpLcjAMKEQ/eg1iLTB3dgUdMhAwPA0WFEYqEAsLR1k6ZTh5JQg7Kyd8HQcqXmJaPSw1WRU9OwECQDU2UzZ9YR4KOWA4HCwgV3YPcDwdQUAiLEt4Pgw5Nj5jEAYrPBRyJz4Cdxg8VFRXBh0RCxtHRysLAlcFLRpZP3oNASY9cX4LHFB3HDccCgUIaHVASAI=

Obviously the first thing that I get is a 404.  How does the solution that you provided strip the query string out so i don’t get the 404?

Thanks