PHP URL Encoding / Decoding
I used the solution accepted for this question for encrypting by id for example in /index.php?id=3 . The problem is I cannot send the encrypted value as an url, example /index.php?id=dsf13f3343f23/23=. Because sometimes it will have weird characters in the url e.g. notice the =
sign in the end
Solution 1:
The weird characters in the values passed in the URL should be escaped, using urlencode(
).
For example, the following portion of code :
echo urlencode('dsf13f3343f23/23=');
would give you :
dsf13f3343f23%2F23%3D
Which works fine, as an URL parameter.
And if you want to build aquery string with several parameters, take a look at the http_build_query()
function.
For example :
echo http_build_query(array(
'id' => 'dsf13f3343f23/23=',
'a' => 'plop',
'b' => '$^@test',
));
will give you :
id=dsf13f3343f23%2F23%3D&a=plop&b=%24%5E%40test
This function deals with escaping and concatenating the parameters itself ;-)
Solution 2:
Use PHP's urlencode()
function to encode the value before you put it into a URL.
string
urlencode
( string
$str
)
This function is convenient when encoding a string to be used in a query part of a URL, as a convenient way to pass variables to the next page.
This function converts "weird" characters, such as =
, into a format safe to put into a URL. You can use it like this:
Header('Location: /index.php?id=' . urlencode($id))
Solution 3:
If you use Base64 to encode the binary value for the URL, there is also a variant with URL and filename safe alphabet.
You can use the strtr
function to translate one from alphabet to the other:
$base64url = strtr($base64, '+/', '-_');
$base64 = strtr($base64url, '-_', '+/');
So you can use these functions to encode and decode base64url:
function base64url_encode($str) {
return strtr(base64_encode($str), '+/', '-_'));
}
function base64url_decode($base64url) {
return base64_decode(strtr($base64url, '-_', '+/'));
}
See also my answer on What is a good way to produce an short alphanumeric string from a long md5 hash?
Solution 4:
There is no use in encrypting parameters.
Send it as is:
/index.php?id=3
nothing wrong with it.