javascript - Ajax Issue (possibly due to encodeURIComponent characters)


I have a form in which the users enter data and then submit the form through Ajax on the same page. Then it is processed.

Each time a user will enter some data that will throw an Ajax error.

I stripped away all the other form fields and narrowed it down to the textarea which is causing the problem, but I do not know why.

I have created a sample page that I am running to debug the problem, but I cannot understand why I am having trouble.

I tried to make a bella and it was having problems: (

Here is a link to the test page:

Here is the test code page (Broken.fp):

    <?php if (!$_POST) { ?>
    <script type="text/javascript" src="https://ajax.googleapis.com/ajax/libs/jquery/1.7.2/jquery.min.js"></script>
    <script type="text/javascript">
    function submitEncodeURI() {
        // Other form data (the rest was stripped away)
        var dataString = 'formid=completeActivity&submit=submit&uid=5435716e20463&notification=0';

        // Grab the textarea text
        var txtValue = encodeURIComponent($('#test_textarea').val());

        // Add the textarea text to the data string
        dataString += '&dispo=' + txtValue;

        // Submit the data
        $.ajax({
            type: "POST",
            url: 'Broken.fp',
            data: dataString,
            success: function (returnData) {
                $('#encoded_text').html(returnData);
            },
            error: function () {
                alert('failed');
            }
        });
    }
    </script>
    <p><strong>Sample unsuccessful text:</strong><br /><br />
    Please test 5105 = 33 5128 = 12 5325 = 19 6790 = 8 6791 = 4 6792 = 8 7125 = 20 7141 = 1</p>
    Ignore them.
    <textarea id="test_textarea" style="width: 300px; height: 300px;"></textarea>
    <input type="button" value="submit" onClick="submitEncodeURI();">
    <br />
    <strong>Presented text:</strong><br />
    <div id="encoded_text"></div>
    <?php } else {
        // Escape the submitted text before echoing it back into the page
        echo htmlspecialchars($_POST['dispo'], ENT_QUOTES, 'UTF-8');
    } ?>

Does not work

When I enter: "Examination Please 5105 = 33 5128 = 12 5325 = 1967 9 Ignore = 8

What Works

Example: "Exam 5105 = 33 5128 = 12 5325 = 1 9 6790 = 8 Please ignore 6791 = 4 6792. = 8 7125 = 20 7141 = 2 "

Why does Ajax finally allow the work to be done? And why is it breaking in the first place (the server is returning a 500 Internal Server Error)?

I think it has to do with some combination of encodeURIComponent().

After several hours, I finally figured it out.

Why test sample text" 5105 = 33 5128 = 12 5325 = 1 9 6790 = 8 Ignore 6791 = 4 6792 = 8 7125 = 20 7141 = 1 "on another's server and it During my testing, this does not work.

There are several security measures on my server which prevent SQL injection attacks. If it detects any form of these attacks, then they should request the server

If you are trying to view the string, then I am trying to start it "ignore" and the very last character string is "7141 = 1".

My server detects "or" within the string "Ignore" and "1 = 1" within the string "7141 = 1". When my server detects "or 1 = 1" anywhere within a string, it recognizes it as a potential SQL injection attack and kills the request to the server.

This is the reason that "Ignore 5105 = 33 5128 = 12 5325 = 1 9 67 9 = 8 6791 = 4 6792 = 8 7125 = 20 7141 = 2" will work, because it is now not getting "or 1 = 1".

This small problem cost me several hours...
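The false positive described in this answer, reproduced as an added example (not the poster's code and not the server's actual rule set). `looseRule` and `boundedRule` are hypothetical signatures, and the sample strings are constructed from the ones in the post.

```javascript
// Hypothetical signature (assumption): "or" anywhere in the field,
// followed at any distance by "1=1". This is the behaviour the answer describes.
const looseRule = /or[\s\S]*1\s*=\s*1/i;

// Tighter hypothetical signature: "or" as a standalone word, directly followed
// by a numeric tautology (the same number on both sides of "=").
const boundedRule = /\bor\s+(\d+)\s*=\s*\1\b/i;

// The server inspects the decoded form field, so encodeURIComponent() on the
// client does not change what the rule sees.
function asSeenByServer(textareaValue) {
  return decodeURIComponent(encodeURIComponent(textareaValue));
}

function inspect(textareaValue) {
  const field = asSeenByServer(textareaValue);
  return { loose: looseRule.test(field), bounded: boundedRule.test(field) };
}

// Constructed samples modelled on the strings in the post.
const samples = {
  // "ignORe" supplies the "or", "714[1=1]" supplies the "1=1"
  failing: 'Test please ignore 5105=33 5128=12 5325=19 6790=8 6791=4 6792=8 7125=20 7141=1',
  // same text ending in 7141=2: no "1=1" left after the "or"
  working: 'Test please ignore 5105=33 5128=12 5325=19 6790=8 6791=4 6792=8 7125=20 7141=2',
  // the textbook tautology both rules are meant to catch
  tautology: "x' or 1=1 -- ",
};

function report() {
  return Object.fromEntries(
    Object.entries(samples).map(([name, text]) => [name, inspect(text)])
  );
}

console.log(report());
```

Signature matching like this is a secondary control; parameterized queries in the PHP handler are what keep the `dispo` value from being interpreted as SQL.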
