Need to remove %20 from url in get

membership

This solution is only available to members.

To access this solution, you must be a member of Experts Exchange.

SOLUTION

Shaun Vermaak

membership

This solution is only available to members.

To access this solution, you must be a member of Experts Exchange.

SOLUTION

Early Learning Coalition

membership

This solution is only available to members.

To access this solution, you must be a member of Experts Exchange.

Robert Francis

ASKER

Ray Paseur - Weird. Unless I am using it wrong urldecode gives the same results: $cat = URLDecode($_GET["cat"]);

Shaun Vermaak - Urlencode returns Juniors+

Luis Mena - I have no control of the data in the database

Shaun Vermaak

Sorry, meant decode. Look at image

Robert Francis

ASKER

I see what you are saying, but I have ZERO idea how to implement it. The is the code from the sending page:

<a href="shop2.php?cat=<?php echo $CATEGORY_NAME;?>"><img class="img-responsive center-block" src="/SDL/PRODUCT_IMAGE/<?php echo $PRODUCT_IMAGE;?>" width="100px" alt=""></a>

This is the code from the receiving page:

$cat = $_GET["cat"];
<h2><?php echo $cat;?></h2>

Forget about the code for a moment and just look at the data. URLDecode() will decode the URL-encoded portions, but you may not have to do that. PHP makes some assumptions about URLs and often decodes the information for you.

Please use var_dump() to print out the contents of $_GET and $cat and post the output here. Let's look at those first, then we can see what we need to do.

ASKER CERTIFIED SOLUTION

Dave Baldwin

membership

This solution is only available to members.

To access this solution, you must be a member of Experts Exchange.

Here are a couple of examples that might help shed some light on things. Try each of these links and look at the output.

This one shows how to use URLDecode()
https://iconoun.com/demo/temp_prince.php

This one shows what happens when you have a request variable with the ampersand in it. Basically, it does not work.
https://iconoun.com/demo/temp_prince.php?cat=Juniors%20&%20Young%20Men

This one shows how the properly encoded value should be used in the URL. Note that there is no ampersand, but there is instead %26
https://iconoun.com/demo/temp_prince.php?cat=Juniors+%26+Young+Men

If your code is generating the link with the %20&%20 in it, you need to change your code to use URLEncode() on the raw request variables.

Here is the script you will be running when you visit the links posted above.

<?php // demo/temp_prince.php
/**
 * https://www.experts-exchange.com/questions/29006247/Need-to-remove-20-from-url-in-get.html
 */
error_reporting(E_ALL);
echo '<pre>';

$str = 'http://www.xxx.net/shop2.php?cat=Juniors%20&%20Young%20Men';
$new = urldecode($str);
var_dump($str);
var_dump($new);

var_dump($_GET);

Following on from the above do this in your SENDING page

<a href="shop2.php?cat=<?php echo urlencode($CATEGORY_NAME);?>"><img class="img-responsive center-block" src="/SDL/PRODUCT_IMAGE/<?php echo $PRODUCT_IMAGE;?>" width="100px" alt=""></a>

Dave Baldwin

We just had a long question about this here: https://www.experts-exchange.com/questions/29001074/How-to-use-question-mark-in-filename-with-html.html The conclusion was to get rid of the '?' in the URL and query string. The asker was unable to find any way to successfully use a '?' in a file name in a URL query string.

Except here they are using an & which works

Working sample here

Source

<?php
$CATEGORY_NAME="Juniors & Young Men";
?>
<a href="reflect.php?cat=<?php echo urlencode($CATEGORY_NAME);?>"><img class="img-responsive center-block" src="images/foreground4.png" width="100px" alt=""></a>

EDIT
Works with embedded '?' as well

Dave Baldwin

Sorry, wrong character. But you can put "Juniors & Young Men" in the query string but when it is received by PHP you will see what they asker is seeing. The '&' is a delimiter between the name/value pairs.

The '&' is a delimiter between the name/value pairs.

If you look at the sample that points to the reflect script
URL going in

.../reflect.php?cat=Juniors+%26+Young+Men

Dump of $_GET from reflect

GET

Array
(
    [cat] => Juniors & Young Men
)

As I understand it the asker wants $cat to have the value 'Juniors & Young Men' - which is what he will get from

$cat = $_GET['cat'];

If he is going to use this for output again the only change I would make is

$cat = isset($_GET['cat']) ? htmlentities($_GET['cat']) : false;

Here are the rules:

1. If the data is from an external source, filter it and accept only known good values.
2. If the data goes to an external destination, escape it.
2a. "Escape" means different things in different contexts
2b. If the data goes into a SQL query string, one of the real_escape_string() functions is probably correct
2c. If the data goes into a URL, urlencode() is the right thing to use
2d. If the data goes into browser text, htmlentities() is the right thing to use

This is all PHP Security 101. You can ignore parts of this at your own risk.

Robert Francis

ASKER

I found it easier to just do a search and replace on the database and changed all the '&' to 'and'.

Thanks everyone.