Page 1 of 1

Problem with passing a variable in the URL

Posted: Fri May 23, 2008 10:28 am
by dajawu
Ok so I have a simple bit of code that takes a variable out of the URL using $_GET['Company']; and passing it into an SQL statement. So far it works fine unless the variable has an ampersand symbol in it. If it does it cuts the variable off at the symbol. For example if the URL was

test.php?Company=Company%20test1

the variable would be 'Company test1'. But if the URL was:

test.php?Company=H&H%20Manufacturing

the variable would be 'H'

It always cuts it off at the ampersand. I have tryed passing an actual '&' symbol and I have tried passing & but neither work. Can you guys help me out?

Thanks in advance, and hello everyone! I just signed up as I am an asspiring PHP coder trying to make a name for myself!

Al

Re: Problem with passing a variable in the URL

Posted: Fri May 23, 2008 10:53 am
by puke7
the & separates variables in the URL
URLs are also not savvy with HTML entities like &
use php functions urlencode() & urldecode() to turn symbols into parsable hex values and back again

Re: Problem with passing a variable in the URL

Posted: Fri May 23, 2008 10:58 am
by N1gel
PHP provides these functions to do it

urldecode

urlencode

Re: Problem with passing a variable in the URL

Posted: Fri May 23, 2008 11:05 am
by dajawu
Wow it separates the variables, that’s right! Amateur mistake, thanks guys!

Re: Problem with passing a variable in the URL

Posted: Fri May 23, 2008 11:30 am
by highjo
i think you should use urlencode before you pass the variable through querystring.the ampersand between H&H is seen as a start of another variable.

Re: Problem with passing a variable in the URL

Posted: Fri May 23, 2008 12:27 pm
by RobertGonzalez
You should also be escaping any data that touches your database. Always.