Escape and URLDecode for URL passed using Ajax call
Posted on 2007-04-03
I am passing the PHP script a string as parameters which includes the characters %20. For example, the current call to the PHP program looks like this:
phpparser.php?sqlstr=WHERE fieldname LIKE '%2007.03%' ORDER BY relid ASC
The %20 is cut off the param string when it reaches the PHP script, therefore messing up the MySQL query string I am passing.
I fooled around with escape and URLDecode, but how much of the URL needs to be escaped when using xmlhttp (Ajax) calls? Should I use escape across the entire URL and then URLDecode in the receiving PHP script?