Frank Tsao
asked on
Escaping ampersands in URL search strings
I have a search feature and I am having problems (read: going crazy) when searching for strings with ampersands (e.g. "rock & roll") and pagination.
I have used urlencode() to convert the ampersand to %26, but it still doesn't work. My URLs look like:
Page 1 | <a href="search.php?cat_id=2& sort=top&s earch=rock +%26+roll" >2</a>
That would appear to have covered the ampersand which is now %26, but once I click on the link it is interpreted by the browser as an ampersand thus breaking the search query string variable.
I have used urlencode() to convert the ampersand to %26, but it still doesn't work. My URLs look like:
Page 1 | <a href="search.php?cat_id=2&
That would appear to have covered the ampersand which is now %26, but once I click on the link it is interpreted by the browser as an ampersand thus breaking the search query string variable.
Last line should have been:
$search = str_replace('<[and]>','&', $search);
Where $search=$_GET['search'];
$search = str_replace('<[and]>','&',
Where $search=$_GET['search'];
Try using `urlencode()`for handling special characters in the URL:
Page 1 | <a href="search.php?cat_id=2& sort=top&s earch=<?=u rlencode(r ock&roll)? >">2</a>
http://www.php.net/urlencode
Page 1 | <a href="search.php?cat_id=2&
http://www.php.net/urlencode
ASKER CERTIFIED SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
ASKER
@ncoo
I was thinking of using a different character such as <[and]> as you suggested, but was hoping for a way around using that method.
@b0lsc0tt
Hm, I'm playing around with a simple script and you may be on to something about the search script I am using being the problem. I'm not at my work pc, but will test it out tomorrow and follow up with the results.
I was thinking of using a different character such as <[and]> as you suggested, but was hoping for a way around using that method.
@b0lsc0tt
Hm, I'm playing around with a simple script and you may be on to something about the search script I am using being the problem. I'm not at my work pc, but will test it out tomorrow and follow up with the results.
suggest to replace the & into @, and replace it back when retrieving the data from the next page
ASKER
b0lsc0tt
Yes, the problem was the script after all. It's a case of working on a script for too long and missing something. What happened is that I have links to sort the results by top matches, alphabetically, etc which I used the urlencode() function on instead of using urlencode() on the pagination links! Although the sorting links would also need it, but that wasn't the problem. Oh, using urldecode() isn't necessary afterwords.
I knew using urlencode() had to work since I've seen other sites encode special characters.
Thanks everyone for your input.
Yes, the problem was the script after all. It's a case of working on a script for too long and missing something. What happened is that I have links to sort the results by top matches, alphabetically, etc which I used the urlencode() function on instead of using urlencode() on the pagination links! Although the sorting links would also need it, but that wasn't the problem. Oh, using urldecode() isn't necessary afterwords.
I knew using urlencode() had to work since I've seen other sites encode special characters.
Thanks everyone for your input.
It looks like the test worked. :) I'm glad I could help. Thanks for the grade, the points and the fun question.
bol
P.S. I would not use @ in place of & or another reserved character. The ampersat (@) is also reserved and has special use in the URL. Although it would probably be OK in the query string part of the URL it is best to avoid using it as a substitute.
bol
P.S. I would not use @ in place of & or another reserved character. The ampersat (@) is also reserved and has special use in the URL. Although it would probably be OK in the query string part of the URL it is best to avoid using it as a substitute.
Your welcome! I had loaded this page before your last post so that is why I said "it looks like." Thanks for the follow up.
bol
bol
You will need to convert the ampersand to something else e.g. <[and]>
So in your link you would have:
<a href="search.php?cat_id=2&
On search.php you would convert <[and]> back to &
$search = str_replace('<[and]>',&,$s