tags:

views:

119

answers:

2

My knowledge about base64 is pretty limited. I am using it as an alternative to string escaping in a content management system, for I had been warned about how weaknesses have been found in mysql_real_escape_string(); and quite sheepishly so, as I am aware of how it buffs text size up.

PHP seems to truncate everything after an instance of # or & in the string; please help me out of this one.

Also, comment on whether using base64 to maintain the 'trueness' of post content in the CMS is just plain retarded, or a wise move.

Thanks for your time :)

A: 

Yes it works:

$ php
<?php echo base64_decode(base64_encode("hello &# world")); ?>
hello &# world

you can find informations about base64 on wikipedia and in php manual

Aif
I see, damn I should have tried that out myself. So the ampersands in the AJAX query could explain the problem, but what about # ?
Angad
Amber
I am sure I am not seeing something here, but how would URLs creep into POSTed AJAX content?The ampersands could probably declare new $_POST[] elements and hence truncate the rest of the string (I think). I do not see how # would do something similar?Also, any suggestions for escaping these characters, I do not want to compromise by using a dummy text which I shall replace both ways. Is an escape character possible?Lastly, how suitable is using Base 64.Thanks so much for your time.
Angad
A: 

Thank you all, Dav was right all the way. A simple URLEncode function I grabbed off Google did the trick :)

return encodeURIComponent(str).replace(/!/g, '%21').replace(/'/g, '%27').replace(/\(/g, '%28').
                                                                replace(/\)/g, '%29').replace(/\*/g, '%2A').replace(/%20/g, '+');

Thanks again :)

Angad