Page 1 of 1

$_GET['q'] does not work with & ??

Posted: Sat May 02, 2009 10:30 pm
by nicosns
I tried to get the id info from http://www.domain.com/profile.php?id=v-&-cat but I only see the 'v-'

The codes I tried

Code: Select all

<?= htmlentities($_GET['id']) ?>
and

Code: Select all

<?php echo $_GET['id'] ?>
Is this normal? And if so, how to fix this? thanks!

Re: $_GET['q'] does not work with & ??

Posted: Sat May 02, 2009 10:50 pm
by requinix
htmlentities works, but you have to use it on the link. By the time your other script gets it it's too late.

Code: Select all

// bad
echo "http://www.domain.com/profile.php?id=v-&-cat";
 
// good
echo "http://www.domain.com/profile.php?id=" . htmlentities("v-&-cat");
htmlspecialchars is okay, but if you want to follow standards htmlentities is better.

Re: $_GET['q'] does not work with & ??

Posted: Sat May 02, 2009 11:29 pm
by nicosns
thank you, tasairis!