In this post urlencode can mean either of two things:
urlencode()the PHP function
- url encoding concept for transmittal of strings between web server and browser.
First I’ll cover
urlencoding() the function; and, hopefully url encoding the concept will become clear — so, I won’t have to explain it too much!
Most of this material comes from the PHP Manual.
string urlencode ( string $str )
This function is convenient when encoding a string to be used in a query part of a URL, as a convenient way to pass variables to the next page.
Okay! That last paragraph came straight from the manual. You are wondering: What is “a query part of a URL”? Well … that is the part of a URL which follows the file name, starts with a question mark and consists of a series of variable definitions.
Returns a string in which all non-alphanumeric characters except
-_. have been replaced with a percent (
%) sign followed by two hex digits and spaces encoded as plus (
+) signs. It is encoded the same way that the posted data from a WWW form is encoded, that is the same way as in
application/x-www-form-urlencoded media type. This differs from the » RFC 3986 encoding (see
rawurlencode()) in that for historical reasons, spaces are encoded as plus (
Example #1 urlencode() example
<?php echo '<a href="mycgi?foo=', urlencode($userinput), '">'; ?>
Example #2 urlencode() and htmlentities() example
<?php $query_string = 'foo=' . urlencode($foo) . '&bar=' . urlencode($bar); echo '<a href="mycgi?' . htmlentities($query_string) . '">'; ?>
'&bar='is for separating the variable definitions.
The author who wrote the paragraph which follows has
Be careful about variables that may match HTML entities. Things like
£ are parsed by the browser and the actual entity is used instead of the desired variable name. This is an obvious hassle that the W3C has been telling people about for years. The reference is here: » http://www.w3.org/TR/html4/appendix/notes.html#h-B.2.2. PHP supports changing the argument separator to the W3C-suggested semi-colon through the
arg_separator .ini directive. Unfortunately most user agents do not send form data in this semi-colon separated format. A more portable way around this is to use
& instead of
& as the separator. You don’t need to change PHP’s
arg_separator for this. Leave it as
&, but simply encode your URLs using
Okay! That last bit about “use
&” was confusing. Here is what it means. You want to use
&as the separator instead of using the
;as separator. However, don’t use
&itself. Use the HTML entity for
&)— because you don’t want something like
'&bar='as noted above.
Note to people who are turned off by confusing technical writing. It’s not your fault. There is nothing wrong with your mind. It’s just the nature of the beast. The material has to be concise and focused (on a particular audience.) Or else it would be good for no one.