Looking for more information on how to do PHP the right way? Check out PHP: The Right Way

Evert Pot's Blog:
Javscript's escape and encodeURI vs. PHP $_POST
Jan 07, 2010 @ 20:10:46

Evert Pot came across something strange in an application he was working with - the incorrect decoding of data coming back from an Ajax call POSTed back into the app.

Basically, data is coming into our PHP application through a Javascript's XMLHttpRequest (ajax). [...] Normally everything in the $_POST and $_GET arrays is already decoded, so when you're dealing with these arrays you don't really have to think about this. This time however, I was dealing with some non-latin unicode characters and for some reason they were never decoded and ended up in the database as raw url-encoded strings.

The issue was caused by the fact that the non-latin characters were handled differently on the byte level and that, because of the choice PHP makes on which of the unicode characters to use for spaces, he found that there were two options for handling strings - escape() and encodeURI().

tagged: javascript encode encodeuri nonlatin character

Link:


Trending Topics: