Re: [wp-testers] function clean_url, esc_url, urlencode

Tue, 18 May 2010 05:17:52 -0700 

Yeap;

function comicpress_clean_filename($filename) {
return str_replace("%2F", "/", rawurlencode($filename));
}
Is what I came up with, it just does the filename which I attach the proper url.
I had to go back through where I was using esc_url / clean_url in all my stuff because I was under a different assumption of what the function actually did. Now I have no clue why it even exists, what does esc_url actually do? Prepare a $_SYSTEM string from hack attempts? 

- Phil
----- Original Message ----- From: "Dougal Campbell" <[email protected]> 
To: <[email protected]>
Sent: Tuesday, May 18, 2010 5:02 AM
Subject: Re: [wp-testers] function clean_url, esc_url, urlencode



On May 18 2010 1:46 AM, Philip M. Hofer (Frumph) wrote:
No, it's not invalid, those are the actual filenames received from a glob.
So you're saying I need to make ANOTHER function that just changes spaces into %20 's ? Rather absurd dont you think? If you're going to escape other characters and make them valid why not the space? 

- Phil
As Andrew said, filenames !== url paths. You need to encode the path portion with rawurlencode() before appending it to your path. Yes, in most filesystems a space is a valid filename character. And in some cases, web servers and browers will transparently handle those spaces. But not in every case, and it's always best to "manually" handle these cases to ensure that your generated URLs are valid, in case you end up passing them to a service that doesn't deal with spaces. 

rawurlencode(): encode path portions of a URL
urlencode(): encode querystring values
Note, we're not talking about the *entire* URL here, just the portions after your hostname. So generally, you're going to do something along the lines of:
$enc_url = trailingslashit($base_url) . rawurlencode($filename) . '?myvar=' . urlencode($some_var); 

Clear? :)


--
Dougal Campbell <[email protected]>
http://dougal.gunters.org/
http://twitter.com/dougal
http://twitual.com/
_______________________________________________
wp-testers mailing list
[email protected]
http://lists.automattic.com/mailman/listinfo/wp-testers



_______________________________________________
wp-testers mailing list
[email protected]
http://lists.automattic.com/mailman/listinfo/wp-testers

Reply via email to