We use cookies to help make our site work properly and to analyze how our site is used. Some are optional, but none contain your personal information, and we don't use any for ads. You can view our cookies policy, manage your cookie preferences, or consent and dismiss this banner by clicking agree:

Agree
ExpressionEngine CMS
Open, Free, Amazing

Thread

This is an archived forum and the content is probably no longer relevant, but is provided here for posterity.

The active forums are here.

ExpressionEngine and Dreamhost - query string woes.

May 17, 2011 1:19pm

Subscribe [3]

  • #1 / May 17, 2011 1:19pm

    Ray Brown

    33 posts

    I’ve spent the last week tinkering with and issue in an EE2.1.4 site on a Dreamhost server. The *entire* site was working perfectly, except for URLs that contained query strings. Affected pages displayed as white with the phrase “The URI you submitted has disallowed characters.” displayed on the screen. Here’s an example URL: http://site.com/?ACT=20

    These pages are few and far between, but they usually do important things (like log the user out, or redirect the user from PayPal after a purchase). I surmised that one of the rules in my .htaccess file was the cause of the problem, but I wasn’t sure. Some things that I’ve tried in the spirit of experimentation:

    I’ve been using ‘REQUEST_URI’ as my URI Protocol, but I just tried other settings (PATH_INFO, QUERY_STRING, AUTO) and none of them fixed the issue. I tried adding “?” and “=” to the list of characters allowed in the URL (and yes, I escaped the “?”). This setting is in EE’s config.php file. No dice. Also in config.php, I tried enabling support for query strings. Again, no dice.

    I disabled nearly all my conditions/rules below to simplify the debugging process. Still broken. Then I deleted my .htaccess file and the issue still persisted. I poked around with a friend and found that the root of the problem lies in ‘/system/expressionengine/core/EE_URI.php’ on line 202. It reads:

    if (preg_match("#(;|\?|{|}|<|>|http:\/\/|https:\/\/|\w+:/*[0-9]{1,3}\.[0-9]{1,3}\.[0-9]{1,3}\.[0-9]{1,3})#i", $str))

    Changing the line to the following made URLs with query strings work perfectly, as well as the rest of the pages on the site:

    if (preg_match("#(;|{|}|<|>|http:\/\/|https:\/\/|\w+:/*[0-9]{1,3}\.[0-9]{1,3}\.[0-9]{1,3}\.[0-9]{1,3})#i", $str))

    I’m very much against editing core files — especially when I’m unsure of the repercussions. I’ve been struggling with this issue for a week and I’m at my wit’s end. Can anyone explain why “?” characters are manually stripped out of this file, and what problems could arise from my edit of line 202? Can you think of any ways around editing core files? I purchased my first EngineHosting account today (Eeeee! Exciting!) and am prepared to move the site if necessary.

    Thanks!

  • #2 / May 18, 2011 1:40am

    John Henry Donovan

    12339 posts

    bitmanic,

    Reading through your post the only thing I can think of is this. Once you disabled your htaccess did you reinstate index.php back into your General Configuration. Did you then also retest the different URI Protocols again now that the htaccess was disabled?

  • #3 / May 19, 2011 11:39am

    Ray Brown

    33 posts

    I did not. I’ll try that and get back to you when I have time. Thanks, John!

  • #4 / May 19, 2011 5:35pm

    Sue Crocker

    26054 posts

    Let us know what you find out.. We’ll be here.

.(JavaScript must be enabled to view this email address)

ExpressionEngine News!

#eecms, #events, #releases

© Packet Tide, All Rights Reserved. Legal Notices

Username

Password

Forgot password?
or Register