In my code, I create a link like this:
$link = 'http://www.mydomain.com/'.urlencode($str).'/1';
I use url-rewriting and the rule in my htaccess file looks like this:
rewriteRule ^(.+)/(.*)$ index.php?var1=$1&var2=$2 [NC,L]
This code is working fine for almost every strings. But sometimes, the string to encode contains "&". The urlencode function encodes it corectly, but when I read the $_GET array in php, it looks like this (with $str = 'substring1&substring2'):
'var1' => 'substring1' (without "&")
'substring2' => '' (without "&")
'var2' => 1
I really need the "&" in my var. Is there a way to encode that character to make it works?
Also, I really don't know why, but sometimes I get a forbidden http error with some strings passed as var1. Apparently, they have nothing special, for exemple, "Décarie Square" makes that error. Other strings with spaces and "é" are working fine.
Apache's mod_rewrite automatically decodes urlencoded strings when it does regex matching. But it only does this once, so you should be if you urlencode your string twice. This will re-escape all of those `%' characters.
try
$link = 'http://www.mydomain.com/'.urlencode(urlencode($str)).'/1';
or stop relying on rewrite rules and use a framework that handles URL routing properly.
Oh, and there should also be htmlentities() somewhere in there.
Apache will automatically translate (decode) the path. You must use a different encoding or even double encoding. Base 64 will work.
your $str isn't setup with key=val pairs
Try $str = 'var1=substr1&var2=substr2';
Two options:
- Urlencode the string before urlencoding the query.
- Replace all non alphanumerical chars with a dash or underscore
As for the forbidden error are you using http auth basic or digest?
Update may mistake try using htmlentities or htmlspecialchars instead of urlencode
来源:https://stackoverflow.com/questions/6626347/php-get-var-with-urlencode-and-bug