Unable to check for Euro Symbol in POST data

I came across an interesting issue this week, having created a form to submit data I then needed to check against stored values to pre-populate fields if a user had already completed the form. Pretty simple stuff really, not much more to it than

?>
<input type="checkbox" value="$val" <?php if ($stored == $val){ echo " checked"; } ?>
>

But, I found that where the euro symbol (€) is concerned, things can get quite difficult. 

This documentation details the issue I found and how to work around it.

In theory, the code should work in the way this next block does

$val = "&euro; 300"; $storedval="&euro; 300";
if ($val == $storedval){ echo "Yay"; }
// Outputs Yay!

Now where the issue arises is that the value has been submitted via POST (may also affect GET requests as well, I've not got as far as checking). When submitted the euro symbol is converted to %80. No major issue there, that still correlates to the euro symbol, but for some reason PHP was converting that into a Euro symbol using an encoding not supported by HTML Entities (I can't tell which though).

What that meant was the result of running

htmlentities($_POST['eurofield']);

Was that I simply got a euro symbol back, whatever encoding I specified afterwards. I've had a similar issue with url decoding of post data in the past, so implemented a similar fix.

function FixPostVars(){
// Get the raw post data $postdata = file_get_contents("php://input");
// Check for %80
if (strpos($postdata,"%80") !== false){ // It exists so do something with it
// Seperate the pairs $pairs = explode("&", $postdata);
$vars = array();
// Cycle through each foreach ($pairs as $pair) {
$nv = explode("=", $pair);
// Check for the euro if (strpos($nv[1],"%80") !== false){
// Get the field name $name = urldecode($nv[0]);
// Make the change $newval = urldecode(str_replace("%80","&euro;",$nv[1]));
// Update the global $GLOBALS['_POST'][$name] = $newval;
}

}

}

 

Now it's just a case of calling the function once when loading a page that processes POST data.

I don't know if it's specific to the version of PHP or not, it's a pretty old version and unfortunately can't be updated for a number of reasons, but should anyone else encounter this issue that's the fix. 

$storedval = "&euro; 300";
echo $_POST['eurofield']; // Would output € 300
// Comparison would fail

// Fix the input data FixPostVars();
echo $_POST['eurofield']; // Would output &euro; 300 // Comparison would now work!
You can also convert it back, if you need to, by using html_entity_decode
html_entity_decode($_POST['eurofield']); // Should give €300
 
But, I found that where the euro symbol (€) is concerned, things can get quite difficult.  This documentation details the issue I found and how to work around it. " data-calltoactionlabel="READ_MORE" data-calltoactionurl="https://www.bentasker.co.uk/documentation/development-programming/154-unable-to-check-for-euro-symbol-in-post-data">  Share