[FX.php List] [OFF] sending email confirmation

Chris Hansen chris at iViking.org
Tue Mar 4 09:46:54 MST 2008 

Roger,

Andrew has the right approach here.  The base64_encode() is great for  
encoding things in a way which makes them not readily recognizable,  
but any string that goes into a url which may have non-alphanumeric  
characters in it needs to be urlencoded. period.  This is fundamental  
to working with the web and would even affect putting a text field  
into a URL (those spaces will cause you problems) or comparing one way  
hashes.  For more information about encoding, check out the PHP docs:

http://us.php.net/manual/en/function.urlencode.php
http://us.php.net/manual/en/function.rawurlencode.php

So most likely what you want to do is first come up with an  
unrecognizable string, and then be sure to urlencode it.  Just one  
extra step, and you should be fine.  HTH

--Chris Hansen
   FileMaker 8 Certified Developer
   FileMaker 7 Certified Developer
   Creator of FX.php
   "The best way from FileMaker to the Web."
   www.iViking.org

On Mar 4, 2008, at 8:36 AM, Andrew Denman wrote:

> Roger,
>
> Since the equal sign is a special character for URLs, it is a good  
> idea to not use them in your data if possible.  If you must use the  
> equal signs, you should URL encode them to ensure they work  
> everywhere.
>
> In FileMaker there is the GetAsURLEncoded() function, and in PHP  
> there is the rawurlencode() function.
>
> Andrew Denman
>
> From: fx.php_list-bounces at mail.iviking.org [mailto:fx.php_list-bounces at mail.iviking.org 
> ] On Behalf Of Steve Winter
> Sent: Tuesday, March 04, 2008 9:15 AM
> To: 'FX.php Discussion List'
> Subject: RE: [FX.php List] [OFF] sending email confirmation
>
> Hi Roger,
>
> I presume that the presence of the two == are a function of  
> base64_encode…?? If not, what purpose do they serve…?
>
> Perhaps using an alternative encoding method (eg md5) might resolve  
> the issue, since it would not result in == characters…??
>
> Cheers
> Steve
>
> From: fx.php_list-bounces at mail.iviking.org [mailto:fx.php_list-bounces at mail.iviking.org 
> ] On Behalf Of Roger Price
> Sent: 04 March 2008 15:10
> To: FX.php Discussion List
> Subject: [FX.php List] [OFF] sending email confirmation
>
> As part of a web project I am collecting data from our some of our  
> past students that we have lost contact with.
>
> I want to try to ensure that we don't get too many malicious returns  
> so I intend to send a confirmation to the entered email address with  
> an activation link.
>
> So far so good!
>
> In order that the database record key is not blatantly obvious I'm  
> using base64_encode!
>
> however when I mail a link such as:  http:// 
> www.xxx.xxx.xx.xx..edit2.html?rec=MDAwMQ==
> the two '=' characters that are generated at the end of this  
> particular record are omitted from the hyperlink when viewed in  
> Outlook Express or Windows Mail. Entourage only omits one! However  
> Outlook and my webmail program work perfectly.
>
> If anybody resolved this problem before I would be grateful to know  
> the best way.
>
> Roger
>
>
>
>
>
> _______________________________________________
> FX.php_List mailing list
> FX.php_List at mail.iviking.org
> http://www.iviking.org/mailman/listinfo/fx.php_list

More information about the FX.php_List mailing list