ampersand problem when passing multiple parameters in URL

[Magnus Warker]

Hi,

when I try to pass some parameters in an URL, I always get an URL where the
ampersand is represented as '&'.

I tried:

$url = "wsp.php?mod=$mod&sec=$sym";
$url = "wsp.php?mod=$mod" . '&' . "sec=$sym";

and many other variations.

The result is always the same (for $mod=adm and $sec=usr):

'wsp.php?mod=adm&sec=usr'

The ampersand seems to be masked by some unwanted functionality.
So, how can I get my URL as follows:

'wsp.php?mod=adm&sec=usr'

Thank you very much,
Magnus

[Tom Thackrey]

On 4-Aug-2003, Magnus Warker <magnus@gmx.de> wrote:

> when I try to pass some parameters in an URL, I always get an URL where
> the
> ampersand is represented as '&amp;'.
>
> I tried:
>
> $url = "wsp.php?mod=$mod&sec=$sym";
> $url = "wsp.php?mod=$mod" . '&' . "sec=$sym";
>
> and many other variations.
>
> The result is always the same (for $mod=adm and $sec=usr):
>
> 'wsp.php?mod=adm&amp;sec=usr'
>
> The ampersand seems to be masked by some unwanted functionality.
> So, how can I get my URL as follows:
>
> 'wsp.php?mod=adm&sec=usr'

The only way & would get changed to &amp; is if you run the string through
htmlspecialchars() or a similar function. Post the code.

--
Tom Thackrey
[url]www.creative-light.com[/url]

[matty]

Magnus Warker wrote:

> Hi,
>
> when I try to pass some parameters in an URL, I always get an URL where
> the ampersand is represented as '&amp;'.
>
> I tried:
>
> $url = "wsp.php?mod=$mod&sec=$sym";
> $url = "wsp.php?mod=$mod" . '&' . "sec=$sym";
>
> and many other variations.
>
> The result is always the same (for $mod=adm and $sec=usr):
>
> 'wsp.php?mod=adm&amp;sec=usr'
>
> The ampersand seems to be masked by some unwanted functionality.
> So, how can I get my URL as follows:
>
> 'wsp.php?mod=adm&sec=usr'
>
> Thank you very much,
> Magnus

It's meant to be &amp; if it's in an html page.

--
Matt Mitchell - AskMeNoQuestions
Dynamic Website Development and Marketing

[Magnus Warker]

Hi Tom,

here is the code. The function should print a table item with a label ($lbl)
which is a link to a workspace ($wsp) containing two parameters, a module
($mod) and a section ($sym):

function mod_idx_itm ($mod,$sym,$lbl)
{
$url = "wsp.php?mod=$mod&sec=$sym";
print " <td align='left' nowrap>\n";
echo " <a href='" . "$url" . "'>$lbl</a>\n";
print " </td>\n";
}

Matty:
You mean, &amp; in URLs is really correct and works??

Magnus


Tom Thackrey wrote:

> The only way & would get changed to &amp; is if you run the string through
> htmlspecialchars() or a similar function. Post the code.
>

[Chris Morris]

Magnus Warker <magnus@gmx.de> writes:

> You mean, &amp; in URLs is really correct and works??

It's *correct* if it's output to HTML for the browser to parse - so
<a href="example.php?this=2&amp;that=1">
or
<img src="exampleimage.php?this=2&amp;that=1" alt=" ">

Works in every browser I've tested in (ranging from Mozilla 1.4 down
to Netscape 1) - not entity referencing the & to &amp; is known to
break at times.

It's *not correct* if it's being used for internal purposes in PHP
header("Location: http://www.example.com/example.php?this=1&that=2");
or
include("http://www.example.com/example.php?this=1&that=2");

--
Chris

[matty]

Magnus Warker wrote:

>
> Matty:
> You mean, &amp; in URLs is really correct and works??
>
> Magnus
>
>

If it's in an HTML page, yes! The urls are actually *meant* to be like this,
and if they're not, they're actually invalid. If you're storing it in a database,
or sending an HTTP header, then no, it shouldn't be entity escaped.

$url='http://myserver.com/?this=that&me=you';

print '<a href="'.htmlentities($url).'">'; ...

but
header('Location: '.$url."\r\n");

HTH