[Solved] An Error Was Encountered The URI you submitted has disallowed characters.

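Posted on 2017-3-20 15:51:18
I need to write a search page for a website. There are more than ten search conditions, and simply concatenating them into the request URI makes the address too long, so I added a single parameter, urlencode($json), a urlencoded JSON value. That immediately produces this error: the URI cannot be parsed. Searching the forum, I found that this line in config.php is what restricts it: $config['permitted_uri_chars'] = 'a-z 0-9~%.:_\-'; But how should I change it? Any expert advice is appreciated.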
http://www.aaa.com/index_ci.php/Mamaju/index/index/%7B%22type%22%3A%22index%22%2C%22word%22%3A%22%22%2C%22limit%22%3A100%2C%22sort%22%3A4%2C%22istmall%22%3A%22%22%2C%22numiid%22%3A%22%22%2C%22cate%22%3A%22%22%2C%22priceMin%22%3A%22%22%2C%22priceMax%22%3A%22%22%2C%22comMin%22%3A%22%22%2C%22comMax%22%3A%22%22%2C%22volumeMin%22%3A%22%22%2C%22volumeMax%22%3A%22%22%2C%22istbk%22%3A1%2C%22iscoup%22%3A%22%22%2C%22channel%22%3A%22%22%2C%22topbrank%22%3A%220%22%2C%22selfgoods%22%3A%220%22%2C%22flag%22%3A%22%22%7D/2
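Posted on 2017-3-20 18:19:28
Put the content in the query string, for example http://domain.com/xxx?abc=json
Original poster | Posted on 2017-3-28 16:24:48
Thanks, Hex (administrator). This problem is solved. It was this line in CI's config.php: $config['permitted_uri_chars'] = 'a-z 0-9~%.:_\-'; CI filters and restricts the URI of the requested address. The solution is to add a MY_URI.php file in the application/core/ directory that extends system/core/URI.php and overrides its URI filtering method, _filter_uri.
The MY_URI.php file is as follows: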
<?php
if (! defined ( 'BASEPATH' ))
        exit ( 'No direct script access allowed' );

// application/core/MY_URI.php: extends the core URI class
class MY_URI extends CI_URI {
        // Overrides CI_URI::_filter_uri(): the string is urlencode()d before it is
        // matched against permitted_uri_chars, then decoded again.
        function _filter_uri($str) {
                if ($str != '' && $this->config->item ( 'permitted_uri_chars' ) != '' && $this->config->item ( 'enable_query_strings' ) == FALSE) {
                        $str = urlencode ( $str );
                        if (! preg_match ( "|^[" . str_replace ( array ('\-', '-' ), '-', preg_quote ( $this->config->item ( 'permitted_uri_chars' ), '-' ) ) . "]+$|i", $str )) {
                                show_error ( 'The URI you submitted has disallowed characters.', 400 );
                        }
                        $str = urldecode ( $str );
                }

                // Convert programmatic characters to entities
                $bad = array ('$', '(', ')', '%28', '%29' );
                $good = array ('&#36;', '&#40;', '&#41;', '&#40;', '&#41;' );

                return str_replace ( $bad, $good, $str );
        }

        // Reads the URI from PHP_SELF instead of REQUEST_URI
        private function _detect_uri() {
                if (! isset ( $_SERVER ['REQUEST_URI'] ) or ! isset ( $_SERVER ['SCRIPT_NAME'] )) {
                        return '';
                }

                //$uri = $_SERVER ['REQUEST_URI'];
                $uri = $_SERVER["PHP_SELF"];
                // Strip the script name (or its directory) from the front of the URI
                if (strpos ( $uri, $_SERVER ['SCRIPT_NAME'] ) === 0) {
                        $uri = substr ( $uri, strlen ( $_SERVER ['SCRIPT_NAME'] ) );
                } elseif (strpos ( $uri, dirname ( $_SERVER ['SCRIPT_NAME'] ) ) === 0) {
                        $uri = substr ( $uri, strlen ( dirname ( $_SERVER ['SCRIPT_NAME'] ) ) );
                }

                // This section ensures that even on servers that require the URI to be in the query string (Nginx) a correct
                // URI is found, and also fixes the QUERY_STRING server var and $_GET array.
                if (strncmp ( $uri, '?/', 2 ) === 0) {
                        $uri = substr ( $uri, 2 );
                }
                $parts = preg_split ( '#\?#i', $uri, 2 );
                $uri = $parts [0];
                if (isset ( $parts [1] )) {
                        $_SERVER ['QUERY_STRING'] = $parts [1];
                        parse_str ( $_SERVER ['QUERY_STRING'], $_GET );
                } else {
                        $_SERVER ['QUERY_STRING'] = '';
                        $_GET = array ();
                }

                if ($uri == '/' || empty ( $uri )) {
                        return '/';
                }

                $uri = parse_url ( $uri, PHP_URL_PATH );

                // Do some final cleaning of the URI and return it
                return str_replace ( array ('//', '../' ), '/', trim ( $uri, '/' ) );
        }
}

After adding this file, there is no need to change config.php, and the earlier address can be accessed.

Rating

Participants: 1, reputation +2
Hex +2 Nice one!
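
The posted override runs the permitted_uri_chars check on the output of urlencode(), which consists only of letters, digits and `- _ . % +`, so the whitelist no longer constrains what the decoded segment contains. The following is an added example, not code from the thread: it compares the two orders on constructed segments and, as an assumption of this example, uses base64url packing (hypothetical helpers pack_filter and unpack_filter) as one way to carry a JSON filter in a segment without relaxing the whitelist.

```php
<?php
// Added example, not code from the thread; all sample segments are constructed.
$permitted = 'a-z 0-9~%.:_\-'; // permitted_uri_chars value quoted in the thread

// Character-class pattern built the same way as in the posted _filter_uri().
function uri_pattern($permitted)
{
    $class = str_replace(array('\-', '-'), '-', preg_quote($permitted, '-'));
    return '|^[' . $class . ']+$|i';
}

// Whitelist applied to the decoded segment, i.e. the text the application uses.
function check_decoded($segment, $permitted)
{
    return preg_match(uri_pattern($permitted), $segment) === 1;
}

// Order used by the posted override: urlencode() first, then the whitelist.
function check_after_urlencode($segment, $permitted)
{
    return preg_match(uri_pattern($permitted), urlencode($segment)) === 1;
}

// Hypothetical helpers: base64url keeps a JSON filter inside the whitelist.
function pack_filter(array $filter)
{
    return rtrim(strtr(base64_encode(json_encode($filter)), '+/', '-_'), '=');
}
function unpack_filter($segment)
{
    return json_decode(base64_decode(strtr($segment, '-_', '+/')), true);
}

$samples = array(
    'plain segment'  => 'index',
    'JSON filter'    => '{"type":"index","limit":100}',
    'markup chars'   => '<b>"x"',
    'quote and pipe' => "a'b|c",
);
foreach ($samples as $label => $segment) {
    printf("%-15s decoded:%-6s after-urlencode:%s\n", $label,
        var_export(check_decoded($segment, $permitted), true),
        var_export(check_after_urlencode($segment, $permitted), true));
}

$packed = pack_filter(array('type' => 'index', 'limit' => 100));
printf("%-15s decoded:%-6s round-trip:%s\n", 'base64url JSON',
    var_export(check_decoded($packed, $permitted), true),
    json_encode(unpack_filter($packed)));
```

Whichever transport is used (query string as suggested in the reply, or a packed segment), the decoded fields still need per-field validation before they reach a query or a template.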
