Shulou(Shulou.com)06/02 Report--

This article mainly introduces "how to deal with special characters such as space + comma in parameter transfer of GET method in PHP". In daily operation, it is believed that many people have doubts about how to deal with special characters such as space + comma in parameter transfer of GET method in PHP. The editor consulted all kinds of materials and sorted out simple and useful operation methods. I hope it will be helpful to answer the question of "how to deal with special characters such as spaces + commas in GET method parameters in PHP"! Next, please follow the editor to study!

I wrote a self-use interface in the project development and passed parameters (user name and password) with GET method. Recently received user feedback: there will be an error when the password is a special character. At first I wondered if php's mysql_real_escape_string function escaped the special characters, but the user said that his password only had the special character "+", and the "+" sign did not fall within the scope of the function's escape.

In order to find out this problem, I tested it locally, and sure enough, I found bug.

Test the code:

Index.php

The tested url reported an error for the http://localhost/test/?a=123!@#&b=123 result:

The parameters after # are blocked.

You can see that the parameters after the "#" sign are masked, which is normal, because the data after the "#" sign is not sent to the HTTP request.

When url is http://localhost/test/?a=123!@+1&b=123, the output is:

Running result

123 percent @ 1

one hundred and twenty three

123 percent @ 1

You can see that the "+" sign becomes a space. Google found a solution, which is to urlencode the data before sending it, and then decode it in the background. Based on this idea, I tried again. This time the url is: http://localhost/test/?a=123!%40%23%26%2b&b=123, and the output is:

123 million dollars / month +

one hundred and twenty three

123 million dollars &

There is a problem here, according to theory, the output after urldecode is correct, and all the methods provided on the Internet are written in this way. But this is not the case, it should be that the GET method will automatically urldecode after obtaining the value, and then urldecode itself will be superfluous (the "+" sign is special, urldecode will become a space later). So when we use the GET method, we only need to urlencode the parameter once, and we can solve the problem simply by dealing with it, and we won't encounter the "+" sign bug.

These problems do not occur with the POST method, because the POST method encodes the data, including urlcode. However, these problems are not completely free, and they still occur when you use curl to simulate the POST method.

Test the code:

Index.php

Curl.php

The result of running curl.php:

123! @ #

one hundred and twenty three

123! @ #

You can clearly see that although the data after the "#" sign is not ignored as the GET method does. However, the data obtained is still incorrect because the value of POST in curl is also written like the GET method (parameter string). In fact, the value of POST can also be written as an array, but that is used when submitting a file stream (the Content-Type header will be set to multipart/form-data). Here, using an array will make an error. Referring to the solution in the GET method, urlencode can simply refer to the parameter values.

Curl.php

Output:

123 million dollars, please.

one hundred and twenty three

123! @ # &

Of course, the server does not use urldecode.

Sometimes not all the solutions on the Internet are correct, almost all of them are copied and copied, and they are not sophisticated at all. They should pay attention to discrimination in the process of practice.

A popular solution:

1. Use POST method, ok instead.

2. Use url = encodeURI (encodeURI (XXX)) in js, and decode ok again at the backend.

3. Convert the plus sign in the parameter data = data.replace (/\ + / g, "% 2B")

In particular, the second scheme, which encodes twice and decodes once, is too stupid. It is all about solving problems in order to solve problems.

At this point, the study on "how to deal with special characters such as spaces + commas in GET method parameters in PHP" is over. I hope to be able to solve your doubts. The collocation of theory and practice can better help you learn, go and try it! If you want to continue to learn more related knowledge, please continue to follow the website, the editor will continue to work hard to bring you more practical articles!

Welcome to subscribe "Shulou Technology Information " to get latest news, interesting things and hot topics in the IT industry, and controls the hottest and latest Internet news, technology news and IT industry trends.