avoid special character on url

[robert_gsfame]

How can i avoid special character to be written on url..

let say i have

 

mypage.php?name=James+Barnwell

 

then when i put special character like %?()* n i will get an error...i know that this is very dangerous but i dont have any idea on how to avoid that

 

i try to use str_replace but not working...

 

$string=$_GET['value'];

$replacethis=array('\%','\?','\*');

$replaceby=array('','','');

$string1=str_replace($replacethis,$replaceby,$string);

 

 

 

 

[trq]

urlencode.

[robert_gsfame]

when i use urlencode() assume "Jim Carey", then i will have trouble with the query

 

I will have

$query=mysql_query("SELECT * FROM table1 WHERE actor_name='Jim+Carey'");

instead of

$query=mysql_query("SELECT * FROM table1 WHERE actor_name='Jim Carey'");

 

 

???

 

[robert_gsfame]

okay..i got it!

 

although i rather choose to use str_replace and replace or special character which is not needed...

 

anyway thx

[Pikachu2000]

Did you try it without using strreplace()? The superglobals $_GET and $_REQUEST are already decoded.

[wildteen88]

You can undo urlencode with its brother function urldecode. When you're passing the names in the url you'll use urlencode, eg

 

$name = 'Jim Carey';
echo '<a href="name.php?name='.urlencode($name).'">Send Name</a>';

 

When you reftrieve the name from the url you'll use urldecode,

if(isset($_GET['name']))
    echo urldecode($_GET['name']);