[wp-testers] function clean_url, esc_url, urlencode
Philip M. Hofer (Frumph)
philip at frumph.net
Tue May 18 12:17:28 UTC 2010
Yeap;
function comicpress_clean_filename($filename) {
return str_replace("%2F", "/", rawurlencode($filename));
}
Is what I came up with, it just does the filename which I attach the proper
url.
I had to go back through where I was using esc_url / clean_url in all my
stuff because I was under a different assumption of what the function
actually did. Now I have no clue why it even exists, what does esc_url
actually do? Prepare a $_SYSTEM string from hack attempts?
- Phil
----- Original Message -----
From: "Dougal Campbell" <dougal at gunters.org>
To: <wp-testers at lists.automattic.com>
Sent: Tuesday, May 18, 2010 5:02 AM
Subject: Re: [wp-testers] function clean_url, esc_url, urlencode
> On May 18 2010 1:46 AM, Philip M. Hofer (Frumph) wrote:
>> No, it's not invalid, those are the actual filenames received from a
>> glob.
>>
>> So you're saying I need to make ANOTHER function that just changes spaces
>> into %20 's ? Rather absurd dont you think? If you're going to escape
>> other characters and make them valid why not the space?
>>
>> - Phil
>
> As Andrew said, filenames !== url paths. You need to encode the path
> portion with rawurlencode() before appending it to your path. Yes, in most
> filesystems a space is a valid filename character. And in some cases, web
> servers and browers will transparently handle those spaces. But not in
> every case, and it's always best to "manually" handle these cases to
> ensure that your generated URLs are valid, in case you end up passing them
> to a service that doesn't deal with spaces.
>
> rawurlencode(): encode path portions of a URL
> urlencode(): encode querystring values
>
> Note, we're not talking about the *entire* URL here, just the portions
> after your hostname. So generally, you're going to do something along the
> lines of:
>
> $enc_url = trailingslashit($base_url) . rawurlencode($filename) .
> '?myvar=' . urlencode($some_var);
>
> Clear? :)
>
>
> --
> Dougal Campbell <dougal at gunters.org>
> http://dougal.gunters.org/
> http://twitter.com/dougal
> http://twitual.com/
> _______________________________________________
> wp-testers mailing list
> wp-testers at lists.automattic.com
> http://lists.automattic.com/mailman/listinfo/wp-testers
>
More information about the wp-testers
mailing list