Disallowed Key Characters

TurtleWolf · January 1, 2013, 1:08am

I’ve been following the tutorial @ http://net.tutsplus.com/tutorials/php/codeigniter-from-scratch-day-8-ajax/?search_index=9
unfortunately my url is being returned with disallowed characters,

Error string: php_echo_site_url(\‘site/post_ticket\’);_?>Disallowed Key Characters.

I understand that codeigniter has several XSS filters for security and most of the suggestions I’ve found for dealing with disallowed characters suggest hacks for turning this off completely or allowing additional characters… my gut feeling is that is not a “best practice”. One post sugest it may be the greater than & less than symbols for php. Specifically I need suggestions for the line that sets the URL. Thanks & Happy New Years! (especiallly to those still working on code while every one else is out partying…)

function openNewTkt() {
		var form_data = {
		property_manager: $('#property_manager').val(),
		property_ID: $('#property_ID').val(),
		property_name: $('#property_name').val(),
		date_posted: $('#date_posted').val(),
		value: $('#spinner').val(),
		ajax: '1'		
	};
			$.ajax({
		url: "<?php echo site_url('site/post_ticket'); ?>",
		type: 'POST',
		data: form_data,
		success: function(msg) {
			$('#main_content').html(msg);
			}
		});
	return	false;
}

imouto · January 1, 2013, 2:45am

Not sure if this will fix your problem, but this CI forum thread mentions using JavaScript’s escape function. See here:

TurtleWolf · January 1, 2013, 3:03am

Thanks… I read that page early today, but was just trying to get back to it. I think I’ve exhausted my daily supply of brain juice, I didn’t even think of looking through my history till just now.

TurtleWolf · January 1, 2013, 4:48am

This is my current attempt using encodeURIComponent to no avail…
Now I’m getting 500 Internal server error. But the exact same post works in PHP,
it’s just when I use Jquery’s ajax I’m having issues.

function openNewTkt() {
		var uri='http://cutnedge.info/index.php/site/post_ticket';
		encodeURIComponent(uri);
		var form_data = {
		property_manager: $('#property_manager').val(),
		property_ID: $('#property_ID').val(),
		property_name: $('#property_name').val(),
		date_posted: $('#date_posted').val(),
		value: $('#spinner').val(),
		ajax: '1'		
	};
			$.ajax({
		url: uri,
		type: 'POST',
		data: form_data,
		success: function(msg) {
			$('#main_content').html(msg);
			}
		});
	return	false;
}