Proper escaping of characters in YAML

2,333 views
Skip to first unread message

Brian

unread,
Dec 29, 2009, 4:20:59 PM12/29/09
to madmimidev
I'm working on integrating our system with the Mad Mimi mailer API,
and am running into an issue with escaping characters in the YAML
character stream. I have a simple string that contains a URL - i.e.

http://test.jamroom.net/index.php?m=index&o=index

the problem is escaping the ampersand character - everything I have
tried has not worked - I even tried using the spyc PHP YAML library:

http://code.google.com/p/spyc/

which can dump a PHP array as a valid YAML document, but even that
does not work - everything up to the first ampersand will come through
in the email, with the rest being missing. I've looked through the
YAML documentation, and it indicates that only ampersands at the
_beginning_ of a line need to be escaped - those in the middle of a
string do not need to be escaped. I've tried the following:

- enclosing the entire string in single quotes
- enclosing the entire string in double quotes
- enclosing the ampersand in single quotes
- enclosing the ampersand in double quotes
- enclosing the string in double quotes and the ampersand in single
quotes
- using a backslash before the ampersand with the string in double
quotes (the YAML documentation indicates that only strings enclosed in
double quotes can use a backslash as the escape operator).

none of this has worked. Is there something special I need to do to
ensure that ALL special characters are escaped properly? As a bit of
background - we have hundreds of email "templates" that get parsed,
and I am sending these over to Mad Mimi to a special promotion that
has a single replacement variable - {MESSAGEBODY} - that I am using as
the "placeholder" for the message to be placed in - this will make it
so we don't have to create hundreds of Mad Mimi promotions to handle
each template - we can instead have a single promotion with a single
variable in it that will contain the entire message. This makes it
important however to ensure all characters that need to be escaped are
escaped properly, so any help is appreciated.

Thanks for any assistance!

- Brian

Dave Hoover

unread,
Dec 29, 2009, 5:06:42 PM12/29/09
to Brian, madmimidev
Hm I just tried to use that URL in a {placeholder} and it worked fine for me.

Can you show me your code (off-list if you want to include the API key)?

Brian

unread,
Dec 29, 2009, 6:16:41 PM12/29/09
to madmimidev
Thanks for the help Dave - I should mention I am using MadMailer
(although I don't see anything being done as far as YAML escaping is
concerned) - here's the code:

<?php
require 'MadMailer.class.php';

$mail = new MadMailer('EMAIL_ADDRESS','API_KEY',false,true);

$body = "'http://test.jamroom.net/index.php?m=index&o=index'";

$rec = array(
'Email' => 'big...@jamroom.net'
);
$msg = array(
'Subject' => 'Test Subject',
'PromoName' => 'Jamroom Notifier',
'FromAddr' => 'sup...@jamroom.net'
);
$bod = array('MESSAGEBODY' => $body);
$txn = $mail->SendMessage($rec,$msg,$bod);

echo $txn;
?>

The email does get sent, but all I get in the body is:

http://test.jamroom.net/index.php?m=index

I've checked out the MadMailer class as well, and when it comes to
preparing the "body", it's pretty simple - it just does:

$request_string .= "&body=--- " . $this->construct_body($body_arr);

and construct_body() is:

function construct_body($body_data) {
foreach ($body_data as $key => $value) {
$body_string .= $key . ': ' . $value . "\n";
}
return $body_string;
}

there are no manipulations performed on $body_arr before being passed
into construct_body(), so I don't see how MadMailer could be affecting
it, although if it is the culprit I can likely just skip using it and
code it directly using curl.

Thanks!

- Brian


On Dec 29, 2:06 pm, Dave Hoover <dave.hoo...@gmail.com> wrote:
> Hm I just tried to use that URL in a {placeholder} and it worked fine for me.
>
> Can you show me your code (off-list if you want to include the API key)?
>

Nicholas Young

unread,
Dec 29, 2009, 6:32:24 PM12/29/09
to Brian, madmimidev
Hi Brian,

Let me see if I can duplicate your issue, and if so, I'll push out a patch to the class tonight.

Brian

unread,
Dec 29, 2009, 6:39:47 PM12/29/09
to madmimidev
Nicholas -

Thank you for checking it out - it is really appreciated. Having the
class handle all of the proper escaping (if needed) would be really
nice. Let me know if you need any additional info from me.

Thanks!

- Brian

On Dec 29, 3:32 pm, Nicholas Young <nicho...@nicholaswyoung.com>
wrote:


> Hi Brian,
>
> Let me see if I can duplicate your issue, and if so, I'll push out a patch
> to the class tonight.
>
> Nicholas Young

> nicho...@nicholaswyoung.com
> 615.727.2645 (Cell)
> 615.829.6687 (Main)http://nicholaswyoung.com


>
> On Tue, Dec 29, 2009 at 5:16 PM, Brian <jamr...@gmail.com> wrote:
> > Thanks for the help Dave - I should mention I am using MadMailer
> > (although I don't see anything being done as far as YAML escaping is
> > concerned) - here's the code:
>
> > <?php
> > require 'MadMailer.class.php';
>
> > $mail = new MadMailer('EMAIL_ADDRESS','API_KEY',false,true);
>
> > $body = "'http://test.jamroom.net/index.php?m=index&o=index'";
>
> > $rec = array(
> >  'Email' => 'big...@jamroom.net'
> > );
> > $msg = array(
> >  'Subject'   => 'Test Subject',
> >  'PromoName' => 'Jamroom Notifier',

> >  'FromAddr'  => 'supp...@jamroom.net'

Nicholas Young

unread,
Dec 29, 2009, 6:45:09 PM12/29/09
to Brian, madmimidev
I just pushed out the fix. All I needed to do was urlencode the values... good catch!

Thanks Brian!

Nicholas Young

Brian

unread,
Dec 29, 2009, 6:50:51 PM12/29/09
to madmimidev
I just downloaded the new version, updated and it is looking good - I
really appreciate you looking into that and fixing it so quickly.
Thank you!

- Brian

On Dec 29, 3:45 pm, Nicholas Young <nicho...@nicholaswyoung.com>
wrote:


> I just pushed out the fix. All I needed to do was urlencode the values...
> good catch!
>
> Thanks Brian!
>
> Nicholas Young
>

Nicholas Young

unread,
Dec 29, 2009, 6:53:47 PM12/29/09
to Brian, madmimidev
That's what we're here for. :)

Let me know if there's anything else you need.

Nicholas Young

Brian

unread,
Dec 29, 2009, 6:56:51 PM12/29/09
to madmimidev
One last question for you if you have a moment - do I need to worry
about the YAML special characters (i.e. single quote/double quote/
colon) appearing in the "body", or will the urlencoding take care of
that? Right now I've got a str_replace setup to remove single/double
quotes, but ideally I'd like to not have to worry about it unless
necessary.

Thanks!

- Brian

On Dec 29, 3:53 pm, Nicholas Young <nicho...@nicholaswyoung.com>
wrote:


> That's what we're here for. :)
>
> Let me know if there's anything else you need.
>
> Nicholas Young
>

Nicholas Young

unread,
Dec 29, 2009, 6:59:31 PM12/29/09
to Brian, madmimidev
Hm. I don't know if I'm familiar with what you're talking about. Why
don't you send across some examples (maybe off list) and I'll take a
look at it.

Nicholas Young
nich...@nicholaswyoung.com
615.727.2645 (Cell)
615.829.6687 (Main)
http://nicholaswyoung.com

Brian

unread,
Dec 29, 2009, 7:09:59 PM12/29/09
to madmimidev
Thanks Nicholas - I'll do some testing here and will contact you off
list if I see any problems. Once again, I really appreciate the help.

Thanks!

- Brian

On Dec 29, 3:59 pm, Nicholas Young <nicho...@nicholaswyoung.com>
wrote:


> Hm. I don't know if I'm familiar with what you're talking about. Why  
> don't you send across some examples (maybe off list) and I'll take a  
> look at it.
>
> Nicholas Young

> nicho...@nicholaswyoung.com
> 615.727.2645 (Cell)
> 615.829.6687 (Main)http://nicholaswyoung.com
>

Reply all
Reply to author
Forward
0 new messages