dougu3290 2012-11-30 15:11
浏览 109

重定向不允许的字符

I looked over and over and I couldn't seem to find an answer to what I want, but here goes:

I have a client that is really computer illiterate and I want to ensure that any errors that arise are handled without intervention. The one thing I'm stuck on currently though is the "The URI you submitted has disallowed characters." error.

I don't want to simply allow all the characters to circumvent the error. Instead what I'd like to do is simply redirect to a particular URI when this error happens. For example:

www.local.com/project/login/'''' ---> www.local.com/project/login

I looked at doing it with hooks, but I'd like to be able to specify a custom URL when I want to execute the check.

I was thinking about using a call to a library method which will pull in the characters from the configuration, then redirect based on whether the check passes or not, with the current URL and URI redirect as a parameter. Is this the way to do it, or is there an easier way to manage this?

  • 写回答

2条回答 默认 最新

  • douan4359 2012-12-01 09:50
    关注

    I've read all the comments above - but I think you missed the easy way to do this.

    Just overload the _filter_uri() function, and do whatever you want:

    (Place this file in application/core/MY_URI.php)

    // Normally this is not fully uppercase - but for some reason the URI filename is
Class MY_URI extends CI_URI
{


/**
 * Filter segments for malicious characters
 *
 * @access  private
 * @param   string
 * @return  string
 */
function _filter_uri($str)
{
    if ($str != '' && $this->config->item('permitted_uri_chars') != '' && $this->config->item('enable_query_strings') == FALSE)
    {
        if ( ! preg_match("|^[".str_replace(array('\\-', '\-'), '-', preg_quote($this->config->item('permitted_uri_chars'), '-'))."]+$|i", $str))
        {
            // DO SOMETHING HERE LIKE REDIRECT OR CHANGE THE URL
        }
    }

    // Convert programatic characters to entities
    $bad    = array('$',        '(',        ')',        '%28',      '%29');
    $good   = array('$',    '(',    ')',    '(',    ')');

    return str_replace($bad, $good, $str);
}
    评论

报告相同问题?

悬赏问题

  • ¥15 微信会员卡接入微信支付商户号收款
  • ¥15 如何获取烟草零售终端数据
  • ¥15 数学建模招标中位数问题
  • ¥15 phython路径名过长报错 不知道什么问题
  • ¥15 深度学习中模型转换该怎么实现
  • ¥15 HLs设计手写数字识别程序编译通不过
  • ¥15 Stata外部命令安装问题求帮助!
  • ¥15 从键盘随机输入A-H中的一串字符串,用七段数码管方法进行绘制。提交代码及运行截图。
  • ¥15 TYPCE母转母,插入认方向
  • ¥15 如何用python向钉钉机器人发送可以放大的图片?