This is an archived forum and the content is probably no longer relevant, but is provided here for posterity.
The active forums are here.
September 11, 2012 3:22pm
Subscribe [0]#1 / Sep 11, 2012 3:22pm
We’re experiencing an issue here using tracking code with ‘dots’ in the query string
example:
eesite.com/?tracker=123456.1.200.1.0.0
always triggers ‘Invalid GET Data’
It seems that others are experiencing similar issues with google query strings and that either a fix in EE_Input.php or mod_rewrite should allow these to pass through properly..
Does anyone have any advice how to fix this?
#2 / Sep 11, 2012 5:56pm
Update:
We have it working by commenting out lines 100-127 of expressionengine/core/EE_input.php
The question is exactly what function does this GET section perform and is it even necessary?
Note: everything else appears to work completely fine with the entire section below commented out
if (isset($_GET))
{
foreach($_GET as $key => $val)
{
if ($filter_keys == TRUE)
{
if (is_array($val))
{
$data = '';
if ((int) config_item('debug') == 2)
{
$data = '
'.htmlentities(print_r($data, TRUE));
}
set_status_header(503);
exit(sprintf("Invalid GET Data - Array %s", $data));
}
elseif (preg_match("#(;|\?|exec\s*\(|system\s*\(|passthru\s*\(|cmd\s*\(|[0-9]{1,3}\.[0-9]{1,3}\.[0-9]{1,3}\.[0-9]{1,3})#i", $val))
{
$data = ((int) config_item('debug') == 2) ? '
'.htmlentities($val) : '';
set_status_header(503);
exit(sprintf("Invalid GET Data %s", $data));
}
}
}
}
#3 / Sep 12, 2012 4:31pm
Hi wildermagic,
I’m glad you were able to come to a solution.
Just make sure to track your changes along with updates to ExpressionEngine.
Is there anything else I can assist you with?
Cheers,
#4 / Sep 12, 2012 8:11pm
Hey Dan,
What I was asking above after commenting out that GET section is - what are the ramifications of doing this? Does this break anything that might not be readily apparent?
EE is obviously broken when it comes to any outside query strings as many, many, many users have noted.
This has been going on for quite some time and multiple updates (months if not years). It has cost companies like ours a lot of lost revenue. We’ve stood by patiently waiting for this to be fixed (as have many others) and nothing - there’s even bug reports on this and still nothing.. This is a very SERIOUS matter when your entire system falls on it’s face due to a simple GET request and I think it needs a great deal more attention than it has so far been given.
Thanks =)
WM
#5 / Sep 13, 2012 5:36pm
What I was asking above after commenting out that GET section is - what are the ramifications of doing this? Does this break anything that might not be readily apparent?
I assure you, we are aware of it. I filed the bug report myself and I’ve noted with the Engineers that this happening more frequently. It seems to be host dependent at some level because while there are a lot of threads, overall I don’t think it is endemic.
It is affecting you 100% though, and that’s all that matters. I’ll ask the Engineers your question directly and find out the answer.
Cheers,