ID: 39078
User updated by: main at springtimesoftware dot com
Reported By: main at springtimesoftware dot com
-Status: Bogus
+Status: Open
Bug Type: Feature/Change Request
Operating System: Windows XP
PHP Version: 5.1.6
New Comment:
The JavaScript escape function does not do what the urlencode function
does.
If it did, then escape on the JavaScript side would match urldecode on
the PHP side, and this problem would not exist.
If you apply escape to "+ ", you get "+ ". On the PHP side, PHP
automatically applies urldecode, and you get " ".
So, the problem is that plus sign does not get through to the PHP
script.
Is that clear now?
David
Previous Comments:
------------------------------------------------------------------------
[2006-10-07 20:48:17] [EMAIL PROTECTED]
Javascript has escape() method exactly for that.
------------------------------------------------------------------------
[2006-10-07 20:38:38] main at springtimesoftware dot com
JavaScript does not support urlencode.
Perhaps if you read the bug report again?
David
------------------------------------------------------------------------
[2006-10-07 20:27:56] [EMAIL PROTECTED]
That's why you should use urlencode().
------------------------------------------------------------------------
[2006-10-07 18:54:46] main at springtimesoftware dot com
Description:
------------
I searched the bug database, but could not find this problem
addressed.
This is a simple case using default configurations where a client
JavaScript script sends a plus sign and a space as an argument as part
of a URL to a server.
The script constructs the URL using the JavaScript 'escape' function,
as recommended:
URL='www.example.com/example.php?Arg='+escape('+ ');
The server, running Apache and PHP, automatically runs urldecode (that
is, I think it does; I could not find this documented in the PHP manual
even after I did a lot of searching).
The PHP code
$Arg=$_GET["Arg"];
receives the string as " " (two spaces) instead of the expected "+ ".
This is not a bug, but documented behavior of urldecode!
My request for a feature is this: add a runtime-accessible
configuration option to suppress any default decoding of GET, POST, and
other such arrays. Then the programmer can use rawurldecode to decode
arguments properly.
Note: Although I only mentioned plus sign and space above, I really
want to pass a string that can contain characters with any byte value,
0 to 255. This is to support cryptology protocols.
David Spector
Springtime Software
Reproduce code:
---------------
Let me know if you really need a test case. It would include a client
page and a server page.
------------------------------------------------------------------------
--
Edit this bug report at http://bugs.php.net/?id=39078&edit=1
