I am now with this code to receive a form data from xmlhttprequest:
$form = $_REQUEST["form"];
$form = rawurldecode($form);
$form = preg_replace('/[[:cntrl:]]/', '', $form);
than I can correctly decode:
$Form = json_decode($form, true);
In JavaScript side, the form data will be an object, encoded to JSON and passed with encodeURIComponent. There is a field with a html content that is previously encoded with encodeURIComponent. This will be understood later... However, this will remove all control characters. This form has a field for a HTML editor (CKEDITOR4), the rest are "simple" data (simple text or just plain data). Looking at the editor's data, I found a "0A" character in the end of the string, but it was just a "test" paragraph, what about a whole page? That's why I am previously encoding the html content, and the final result will be double encoding - a large amount of text. But by not doing this, I will lose control characters and I don't know the result - will change my html.
I have researched about this here, there is a lot of old questions, many with poor or no answer at all. I think what is needed to know at this point is the characters json_decode does not like so I can choose the better solution (I could not find the json standards in the php.net documentation). Maybe good solutions will be setting json to ignore control characters or a script to encode only what is needed.
Any thoughts besides duplicate?
