passing special chars via GET using ajax

scrupul0us

05-06-2008, 12:03 AM

I'm trying to create an editor to manage protect areas within Apache

e.g

<directory "path/to/dir">
..relative settings..
</directory>

now I am successful at passing this data to my ajax handler and can verify it by using an alert.. however when I include this data in my xmlHttp.open string and it strips out all the open and close directory structures leaving just the innards

else
{
alert(data);
xmlHttp.open("GET","/includes/process.inc.php?action="+page+"&data="+escape(data),true);
xmlHttp.send(null);
}

does JS have a function to properly encode the data so it all remains intact?

thanks

tomws

05-06-2008, 12:36 AM

encodeURI or encodeURIComponent, depending upon your need.

scrupul0us

05-06-2008, 03:07 AM

doesnt seem to work... im still left with the missing <directory> tags

tomws

05-06-2008, 03:22 AM

What does a data variable look like? The contents, that is.

scrupul0us

05-06-2008, 03:28 AM

an example of the data could be:

<Directory /usr/local/httpd/htdocs>
Options Indexes FollowSymLinks
</Directory>

formatted with indentation in a textarea... There are many of these structures within the text area with numerous directives within them

I've also noticed that any comment within the file (beginning with #) make the encodeURI stop working at that line

tomws

05-06-2008, 03:38 AM

Oh, Apache conf file. Ok.

Have you tested echoing or dumping the contents on the backside file? What's going on back there?

How odd. I don't know why it would break, but I've only used it on limited data. I'll play around a bit and see if I can figure something out. Hopefully someone who has seen this before will be able to help.

tomws

05-06-2008, 04:15 AM

I get all of the information on the backside in a little test setup I put together. Here's the code I used:

// test.php
<html><head>
<script type="text/javascript">
function s()
{
// XmlHTTP setup courtesy of mjlorbet
var XmlHTTP = null;
var Possibles = {
0: "XMLHttpRequest()",
1: "ActiveXObject('Microsoft.XMLHttp')",
2:"ActiveXObject('MSXML2.XMLHttp')",
3:"ActiveXObject('MSXML2.XMLHttp.3.0')",
4:"ActiveXObject('MSXML2.XMLHttp.4.0')",
5:"ActiveXObject('MSXML2.XMLHttp.5.0')",
6:"ActiveXObject('MSXML2.XMLHttp.6.0')",
7:""};
var Option = 0;
while(XmlHTTP === null)
{
XmlHTTP = eval("new " + Possibles[Option]);
Option++;
}
//return XmlHTTP;

XmlHTTP.onreadystatechange = function()
{
if ( XmlHTTP.readyState == 4 )
{
document.getElementById("output").innerHTML = XmlHTTP.responseText;
} // end: if

}

data = "<Directory /usr/local/httpd/htdocs>";
data += " Options Indexes FollowSymLinks";
data += "</Directory>";

url="backtest.php";
url+="?id="+Math.random();
url+="&data="+encodeURIComponent(data);
XmlHTTP.open( "GET",url,true );
XmlHTTP.send(null);
}
</script>
</head>
<body>
<form action="" method="GET" onsubmit="s();return false;">
<input type="submit" value="submit" />
</form>

<div id="output"></div>

</body>
</html>

// backtest.php
<?php

$data = $_GET['data'];

if ( !($handle = fopen('testfile.txt','a') ) )
{
die(-1);
}

if ( fwrite($handle,$data."\n---\n\n---\n") === FALSE )
{
die(-2);
}

echo "end";

?>

As can be seen, the backside gets exactly what I sent to it (ignoring the extra stuff I put in):

// testfile.txt
<Directory /usr/local/httpd/htdocs>
Options Indexes FollowSymLinks
</Directory>

---

---