Problem with string - lenght is not correct - some chars included not displayed

Question

I wanted to upgrade the Magento Ogone module to match the new SHASign calculation. It's working fine now but there is a problem ...

I have an issue with some strings returned by a Magento method : Mage::getUrl('ogone/api/accept');

It returns me a string with some chars that won't print at the screen. I don't know why.

string(89) "ACCEPTURL=http://www.xxxxxxx.be/store/fr_be/ogone/api/accept/KKKKKKKKKKKKKKKKKKK"

KKKK = secret code from ogone

If you check the lenght is not 89 but 80. There are some hidden cars, I can see them if I do a for loop and echo one by one the chars.

The chars not displayed are : ?___SID=U I checked in Magento and the session id parameter in URL was already disabled.

In the module I need to fetch all form fields sent to Ogone and create a SHA-1 string to ensure data integrity with a string which is only in available to me and Ogone. And with that problem the SHA-1 string built on my side is not the same than Ogone because URLs in the form are displayed without ?___SID=U : told you it won't be printed !

So first of all I don't know why Magento include it when I ask him in config to do not. And secondly why can't I see the chars on the var_dump() or any echo ?

How can I debug this situation ? I guess there are some functions out there which could help me.

I patched the problem with another function to build the URL so my SHA-1 string is know ok and the module looks to work fine. My concerns are more focused about those hidden chars the strlen function AND hash function see but not echo or any other print function.

Thank you for your help, and excuse me for my bad english, not my mother language.

Answer 1

I also got hit by this problem.

Note that this "works" for printing out the whole string:

for ($i = 0; $i < strlen($linkUrl); $i++) print $linkUrl[$i].' ';

But this one leaves out the ?___SID=U part:

for ($i = 0; $i < strlen($linkUrl); $i++) print $linkUrl[$i];

I also tried printing the numeric codes (in decimal) of the characters but it seems just valid:

63 95 95 95 83 73 68 61 85

Is this a PHP bug?

I thought this was an encoding/multibyte/Unicode issue, but turned out this is just a Magento templating system peculiarity.

I tried this code: (note: in a Magento template code!)

echo 'Hello?___SID=UWorld';

and believe it or not, you'll get this:

HelloWorld

So although the URLs are "wrong", the mechanism that Magento uses to "hide" those URLs are even more wrong by simply doing a str_replace that I believe is undocumented. (Even if it's documented, nobody would expect this!)

Answer 2

Could theses "hidden" chars be Unicode? Have you tried mb_strlen?

Answer 3

We were hit by the same problem. And I found a pretty decent solution for the problem in case somebody still encounter the same issue.

Originally, something like this was included in the Config.php file:

public function getAcceptUrl()
{
    return Mage::getUrl('ogone/api/accept');
}

If you replace it by this, no more hidden ?___SID stuff will be attached:

public function getAcceptUrl()
{
    return Mage::getUrl('ogone/api/accept', array('_nosid' => true));
}

You should do the same thing with all to other get****Url() functions, and the problem is solved.