How js and php handle url encoding
- 2021-01-25 07:19:59
- OfStack
Solution: js is used to encode escape characters in URL.
<a href="" onclick="window.open('product_list.php?p_sort='+escape('PHP Development Resource Network '));">
The effect of clicking a link like this:
Reference: http: / / 127.0.0.1 shop/product_list php? p_sort=PHP%u5F00%u53D1%u8D44%u6E90%u7F51
With this effect, it is obvious that it cannot be solved inversely with urldecode() or base64_decode() of PHP.
To solve this problem, write an inverse function using PHP:
function js_unescape($str){
$ret = '';
$len = strlen($str);
for ($i = 0; $i < $len; $i++){
if ($str[$i] == '%' && $str[$i+1] == 'u'){
$val = hexdec(substr($str, $i+2, 4));
if ($val < 0x7f) $ret .= chr($val);
else if($val < 0x800) $ret .= chr(0xc0|($val>>6)).chr(0x80|($val&0x3f));
else $ret .= chr(0xe0|($val>>12)).chr(0x80|(($val>>6)&0x3f)).chr(0x80|($val&0x3f));
$i += 5;
}
else if ($str[$i] == '%'){
$ret .= urldecode(substr($str, $i, 3));
$i += 2;
}
else $ret .= $str[$i];
}
return $ret;
}
Note that the JS code is automatically converted to UTF-8, so the code conversion must be done to get the correct result, otherwise the Chinese code will be garbled.
print iconv('utf-8', 'gb2312', js_unescape($_REQUEST['p_sort']));
At this point, we have successfully reversed the escape encoding of js.
I also found a function that uses PHP to implement escape encoding of js:
function phpescape($str){
$sublen=strlen($str);
$retrunString="";
for ($i=0;$i<$sublen;$i++){
if(ord($str[$i])>=127){
$tmpString=bin2hex(iconv("gb2312","ucs-2",substr($str,$i,2)));
//$tmpString=substr($tmpString,2,2).substr($tmpString,0,2);window You may want to open this item
$retrunString.="%u".$tmpString;
$i++;
} else {
$retrunString.="%".dechex(ord($str[$i]));
}}
return $retrunString;
}