Jump to content

rawurldecode() not decoding %20 as white space

jbonnett

By jbonnett
in PHP Coding Help

 Share

Recommended Posts

jbonnett Member

jbonnett

Posted
  • Author
Posted (edited)

How are you retrieving that URI? Can we see some actual code?

 

echo rawurldecode("On%20the%20go"); running this produces "On the go" as expected, for me anyway.

 

If I don't encode the URL or decode it e.g. keep the white space in the URL, it works fine.

I'm have my own MVC, I'm retrieving the URI via $_GET request forwarded to a function using call_user_func_array(), so I then do something like this:

some_function($get = "") {
    if($get != "") {
        echo rawurldecode($get);
    }
}
Edited by jbonnett
Link to comment
Share on other sites
jbonnett Member

jbonnett

Posted
  • Author
Posted

Nevermind I found the problem:

private function parseURL() {
    if(isset($_GET["url"])) {
        return explode("/", filter_var(rtrim($_GET["url"], "/"), FILTER_SANITIZE_URL));
    }
}
I fixed it by:

private function parseURL() {
    if(isset($_GET["url"])) {
        return explode("/", str_replace('\/', ' ', filter_var(rtrim(str_replace(' ', '\/', $_GET["url"]), "/"), FILTER_SANITIZE_URL)));
    }
}
Do you have any ideas to make this better? Maybe a different character to make the spaces?
Link to comment
Share on other sites
scootstah Member

scootstah

Posted
Posted

When you call $_GET['url'], PHP automatically decodes it. So when you run it through filter_var(), the string has a space in it which is an illegal character, and is thus removed.

 

I've played with it for a bit and I can't see a real clean way to do what you want. I came up with this: (warning - I'm very tired right now. This could be terrible)

$parts = explode("/", trim($_GET['url'], "/"));
$parts = array_map(function($part){
	return urldecode(filter_var(urlencode($part), FILTER_SANITIZE_URL));
}, $parts);
This will break up your parameter without sanitizing it, and then it will iterate over each part and do the following: urlencode (to convert the decoded spaces back to +), filter_var (to remove illegal characters), urldecode (to convert any encoded characters back again).

 

Pretty hacky.

 

The way I would do it though, is to just not use filter_var. I would just use regex to replace illegal characters, since there is a whole bunch of characters allowed in FILTER_SANITIZE_URL that really don't need to be in a URL.

  • Like 1
Link to comment
Share on other sites
This thread is more than a year old. Please don't revive it unless you have something important to add.

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.

Guest
Reply to this topic...

×   Pasted as rich text.   Restore formatting

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.

×
 Share
Go to topic listing
×
×
  • Create New...

Important Information

We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.