PHP - Plus Sign with Get Query

PHP - Plus sign with GET query

If you'll read the entirety of that bug report you'll see a reference to RFC 2396. Which states that + is reserved. PHP is correct in translating an unencoded + sign to a space.

You could use urlencode() the ciphertext when returning it to the user. Thus, when the user submits the ciphertext for decryption, you can urldecode() it. PHP will do this automatically for you if it comes in via the GET string as well.

Bottom line: The + must be submitted to PHP as the encoded value: %2B

PHP $_GET for parameter with plus sign

Here's a quote from the docs:

Dots and spaces in variable names are converted to underscores. For example <input name="a.b" /> becomes $_REQUEST["a_b"].

Therefore you can access your data like this:

$_GET['f_Record_Type|emuRecordLevel'];

If you are in doubt, you can use var_dump to see the value of $_GET:

var_dump($_GET);

Is it possible to preserve plus signs in PHP $_GET vars without encoding?

Of course. You could read out $_SERVER["QUERY_STRING"], break it up yourself, and then forgo the usual URL decoding, or only convert %xx placeholders back.

preg_match_all('/(\w+)=([^&]+)/', $_SERVER["QUERY_STRING"], $pairs);
$_GET = array_combine($pairs[1], $pairs[2]);

(Example only works for alphanumeric parameters, and doesn't do the mentioned %xx decoding. Just breaks up the raw input.)

Plus sign decoded into space

are wrongly decoded

They are correctly decoded.

Can I change the type of enconding and "Content-Type" header accordingly?

No. The Content-Type header describes the format of the request body, not the query string.

You should encode the data in the query string correctly in the first place.

A + sign should be represented as %2B.

Plus sign in query string

+ sign has a semantic meaning in the query string. It is used to represent a space. Another character that has semantic importance in the query string is & which is used to separate the various var=value pairs in the query string.

Most server side scripts would decode the query parameters before using them, so that a + gets properly converted to a space. Now, if you want a literal + to be present in the query string, you need to specify %2B instead.

+ sign in the query string is URL-decoded to a space. %2B in the query string is URL-decoded to a + sign.

See the difference between

http://www.google.com/search?q=foo+bar

and

http://www.google.com/search?q=foo%2Bbar

In the above examples, Google's server script is URL-decoding the query parameters and then using them to do the search.

URL-encoding is nothing but % sign followed by the hex-code of the special character. For example, we know that the hex code of A is 0x41 (decimal: 65). Try this:

http://www.google.com/search?q=%41

Hope this makes URL-encoding clear.

So, if you want the + sign to be preserved when a JavaScript is fetching a URL with + signs in its query parameters and a server side script would process the query parameters after URL-decoding it, you should URL-encode the query parameters in the URL before using issuing the HTTP get request so that all + signs are converted to %2B's when the request reaches the server side script. Now when the server side script URL-decodes the query string, all %2B's gets converted back to + signs which is what you want.

See Encode URL in JavaScript? to learn how to URL-encode the parameters using JavaScript. Short answer from the discussion there:

var encodedURL = "http://example.com/foo.php?var=" + encodeURIComponent(param);

Removing plus sign from the query string php

You can use:

$input = trim(urldecode($input));

where $input is one of the post parameters, such as: $input = $_POST["query"]; // if query was the POST parameter.

Edit: The other advantage of using urldecode is that it takes care of all other non alphanumeric characters that have been encoded.

From: http://php.net/manual/en/function.urldecode.php

PHP - Plus Sign with Get Query