Encoding and Decoding Strings

I l @ ve RuBoard

At the end of Chapter 3 (see Inputting Data Manually), I demonstrated how to use the thinking behind the GET method to send data to a page by appending it to the URL. At that time, I only used this technique to send a variable with a numeric or single word value. We used the same process in Chapter 4, Using Numbers, in much the same way. But what if you want to pass several words as one variable value?

For these instances you have the urlencode () function. As its name implies, this function takes a string and encodes it (changes its form) so that it can properly be passed as part of a URL. It replaces spaces with plus signs (+) and translates special characters (for example, the apostrophe) into a less problematic version. The syntax for this function is:

 $String = urlencode($String);

To demonstrate one use of this function, you'll pass your newly created $Name variable to a page which will then greet the user by their full name.

Script 5.4. Two things to note: first, the `HREF` tag is another HTML element that requires use of double quotation marks which you must escape within the `print()` statement and, second, PHP will replace the $Name variable with its value when sent to the browser (see Figure 5.10).

graphics/05sc04.jpg

To use urlencode():

Open HandleForm.php in your text editor (Script 5.3).

After line 14, add the following (Script 5.4):

 $Name = urlencode($Name);   print ("<P>Click <A HREF=\   "welcome.php?Name=$Name\">   here</A> to see your personalized    greeting!\n");

Create a new document entitled welcome.php. You can either write your own, using the information you've learned so far, or you can duplicate the code from Script 5.5.

Script 5.5. Much like the first "Hello, world!" script from Chapter 1, Getting Started with PHP , the welcome.php page creates a simple, slightly decorated greeting in the Web browser (see Figure 5.11). This greeting is personalized, though.

This new page will receive the $Name value passed to it by the HandleForm.php script. I will use it to help demonstrate how you can pass a value from one page to another to another (from form.html to HandleForm.php to welcome.php ).
Save both scripts, upload them to your server, and test in your Web browser (Figures 5.8, 5.9, 5.10, 5.11, 5.12, 5.13 and 5.14).

Figure 5.8. If you fail to escape your HREF double quotation marks, this last, added line may not appear correctly.

Figure 5.9. This is the HTML source of your PHP generated page. Notice how the encoded name appears appended to the link. If you failed to use the urlencode() function, the result would be like that in Figure 5.12.

Figure 5.10. This latest, dynamic PHP generated page receives a variable not from a form but from another PHP scripta common and useful technique.

Figure 5.11. Merely by looking at the page itself, you cannot tell whether or not the name value has been encoded properly or not. However the HTML source code (Figure 5.12) and the welcome.php page itself (Figure 5.13) will reveal any problems.

Figure 5.12. It will not be obvious until you arrive at the welcome.php page (Figure 5.13), but the space between "Larry" and "Ullman" will result in the last name being dropped in transition from the one page to the other, which is why you need to URL encode variables to be passed on like this.

Figure 5.13. If a receiving PHP page is only ever printing out the first word from a string, it is because that string was not passed in an encoded format.

Figure 5.14. One of the special characters that the urlencode() function addresses is the apostrophe, translated here into its ASCII equivalent, 0%27.

Tip

The urldecode() function does just the opposite of the urlencode() it takes an encoded URL and turns it back into a standard form.

Tip

Remember that values sent directly from a form are automatically URL-encoded prior to being sent and decoded upon arrival at the receiving script. It is only when you need to manually encode data that the urlencode() function is needed (as in the example).

Tip

In Chapter 11, Databases, we'll use functions similar to urlencode() addslashes() and stripslashes(). The former prepares data for entry into a database by escaping problematic characters (single quotation marks, double quotation marks, and the backslash). The later removes the escapes from these same characters. The syntax is exactly as you would expect:

 $Data = addslashes($Data); $Data = stripslashes($Data);

Just as with the urlencode() function, data received from a form is automatically escaped for proper database entry.

I l @ ve RuBoard

Script 5.4. Two things to note: first, the `HREF` tag is another HTML element that requires use of double quotation marks which you must escape within the `print()` statement and, second, PHP will replace the $Name variable with its value when sent to the browser (see Figure 5.10).

Script 5.5. Much like the first `"Hello, world!"` script from Chapter 1, `Getting Started with PHP` , the `welcome.php` page creates a simple, slightly decorated greeting in the Web browser (see Figure 5.11). This greeting is personalized, though.

Figure 5.8. If you fail to escape your `HREF` double quotation marks, this last, added line may not appear correctly.

Figure 5.9. This is the HTML source of your PHP generated page. Notice how the encoded name appears appended to the link. If you failed to use the `urlencode()` function, the result would be like that in Figure 5.12.

Figure 5.10. This latest, dynamic PHP generated page receives a variable not from a form but from another PHP scripta common and useful technique.

Figure 5.11. Merely by looking at the page itself, you cannot tell whether or not the name value has been encoded properly or not. However the HTML source code (Figure 5.12) and the welcome.php page itself (Figure 5.13) will reveal any problems.

Figure 5.12. It will not be obvious until you arrive at the `welcome.php` page (Figure 5.13), but the space between "Larry" and "Ullman" will result in the last name being dropped in transition from the one page to the other, which is why you need to URL encode variables to be passed on like this.

Figure 5.13. If a receiving PHP page is only ever printing out the first word from a string, it is because that string was not passed in an encoded format.

Figure 5.14. One of the special characters that the `urlencode()` function addresses is the apostrophe, translated here into its ASCII equivalent, `0%27.`

Encoding and Decoding Strings

Script 5.4. Two things to note: first, the HREF tag is another HTML element that requires use of double quotation marks which you must escape within the print() statement and, second, PHP will replace the $Name variable with its value when sent to the browser (see Figure 5.10).

Script 5.5. Much like the first "Hello, world!" script from Chapter 1, Getting Started with PHP , the welcome.php page creates a simple, slightly decorated greeting in the Web browser (see Figure 5.11). This greeting is personalized, though.

Figure 5.8. If you fail to escape your HREF double quotation marks, this last, added line may not appear correctly.

Figure 5.9. This is the HTML source of your PHP generated page. Notice how the encoded name appears appended to the link. If you failed to use the urlencode() function, the result would be like that in Figure 5.12.

Figure 5.10. This latest, dynamic PHP generated page receives a variable not from a form but from another PHP scripta common and useful technique.

Figure 5.11. Merely by looking at the page itself, you cannot tell whether or not the name value has been encoded properly or not. However the HTML source code (Figure 5.12) and the welcome.php page itself (Figure 5.13) will reveal any problems.

Figure 5.12. It will not be obvious until you arrive at the welcome.php page (Figure 5.13), but the space between "Larry" and "Ullman" will result in the last name being dropped in transition from the one page to the other, which is why you need to URL encode variables to be passed on like this.

Figure 5.13. If a receiving PHP page is only ever printing out the first word from a string, it is because that string was not passed in an encoded format.

Figure 5.14. One of the special characters that the urlencode() function addresses is the apostrophe, translated here into its ASCII equivalent, 0%27.

Script 5.4. Two things to note: first, the `HREF` tag is another HTML element that requires use of double quotation marks which you must escape within the `print()` statement and, second, PHP will replace the $Name variable with its value when sent to the browser (see Figure 5.10).

Script 5.5. Much like the first `"Hello, world!"` script from Chapter 1, `Getting Started with PHP` , the `welcome.php` page creates a simple, slightly decorated greeting in the Web browser (see Figure 5.11). This greeting is personalized, though.

Figure 5.8. If you fail to escape your `HREF` double quotation marks, this last, added line may not appear correctly.

Figure 5.9. This is the HTML source of your PHP generated page. Notice how the encoded name appears appended to the link. If you failed to use the `urlencode()` function, the result would be like that in Figure 5.12.

Figure 5.12. It will not be obvious until you arrive at the `welcome.php` page (Figure 5.13), but the space between "Larry" and "Ullman" will result in the last name being dropped in transition from the one page to the other, which is why you need to URL encode variables to be passed on like this.

Figure 5.14. One of the special characters that the `urlencode()` function addresses is the apostrophe, translated here into its ASCII equivalent, `0%27.`