PHP URL Trouble

PHP programming forum. Ask questions or help people concerning PHP code. Don't understand a function? Need help implementing a class? Don't understand a class? Here is where to ask. Remember to do your homework!

Moderator: General Moderators

Post Reply
koolsamule
Forum Contributor
Posts: 130
Joined: Fri Sep 25, 2009 10:03 am

PHP URL Trouble

Post by koolsamule »

Hi Chaps,

I have a PHP FTP App, where users can log in using a unique code and a password.

Their unique code corresponds to an FTP folder, e.g.
\FTP_Root\Customer A & Co\
So when the user logs in, they can see their FTP directory and contents, in this case an Inbox and an Outbox.
This works as the FTP folder contains both an Inbox and an Outbox.

The problem I am having is when I try browsing within this directory (say the Inbox), ftp-chdir fails.

I have a hyperlink that sends a 'dir' parameter to the same ftp.php page, and if set, will attempt to change to the given directory.

So even though the URL Hyperlink reads:
When you click on this link, the page tries to load:
So my question is what do I need to change, the Hyperlink to read something like:


Do something to the ftp-chdir function, where I encode/decode/whatever to make sure it tries to change to the correct FTP directory?

Or exclude all ampersand entirely?
User avatar
AbraCadaver
DevNet Master
Posts: 2572
Joined: Mon Feb 24, 2003 10:12 am
Location: The Republic of Texas
Contact:

Re: PHP URL Trouble

Post by AbraCadaver »

Code: Select all

urlencode('/FTP_Root/Customer A & Co/Inbox');
mysql_function(): WARNING: This extension is deprecated as of PHP 5.5.0, and will be removed in the future. Instead, the MySQLi or PDO_MySQLextension should be used. See also MySQL: choosing an API guide and related FAQ for more information.
Eric!
DevNet Resident
Posts: 1146
Joined: Sun Jun 14, 2009 3:13 pm

Re: PHP URL Trouble

Post by Eric! »

it will end up looking like this "%2fFTP_Root%2fCustomer+A+%26+Co%2fInbox" with the ampersand encoded too.

FYI, this doesn't seem very secure. Once logged in, anyone could suggest a directory name and abuse other accounts' data. Hopefully you trust all your users or have a way to limit access.
Post Reply