doudun2212 2011-08-17 15:32
浏览 1950
已采纳

不要在表单提交时转义特殊字符

I have a form that submits via GET, and one of the hidden fields submits a list of category IDs, separated by comma (1,2,3).

When the get query gets to the page it is going, commas become escaped with %2C.

I cannot make changes to PHP that parses these values, and they must remain commas.

In summary: ?category=1,2,3 works, and ?category=1%2C2%2C3 doesn't.

How do I prevent the comma from being encoded?

Edit to address the comment, simplified, but gives you the gist:

<form method="get" action="something.php">
<input type="hidden" name="category" value="1,2,3">
<input type="submit">
</form>
  • 写回答

4条回答 默认 最新

  • dou8mwz5079 2011-08-17 17:09
    关注

    The problem with "making it stop" is that the encoding is a part of HTTP standards - you "shouldn't want" to make it stop since it is a part of the very basis upon which HTTP is built. RFC2396 describes which characters are allowed and not allowed in a URI:

    2.2. Reserved Characters

    Many URI include components consisting of or delimited by, certain special characters. These characters are called "reserved", since
    their usage within the URI component is limited to their reserved
    purpose. If the data for a URI component would conflict with the
    reserved purpose, then the conflicting data must be escaped before
    forming the URI.

      reserved    = ";" | "/" | "?" | ":" | "@" | "&" | "=" | "+" |
                "$" | ","

    Because of this fact, when using GET to submit a form, the user agent will encode the values according to this specification.

    Your solution lies in either

    1) Change the form to use the POST method, change references to $_GET into $_POST in php

    2) Call urldecode (docs) on the data before using it ($_GET['my_value'] = urldecode($_GET['my_value']);)

    3) Use element arrays to submit this as an array to the server

    <input name="myElement[]" value="1" />
<input name="myElement[]" value="2" />
<input name="myElement[]" value="3" />

    On PHP side, $_GET['myElement'] will be equal to array(1,2,3)

    本回答被题主选为最佳回答 , 对您是否有帮助呢?
    评论
查看更多回答(3条)

报告相同问题?

悬赏问题

  • ¥15 使用C#,asp.net读取Excel文件并保存到Oracle数据库
  • ¥15 C# datagridview 单元格显示进度及值
  • ¥15 thinkphp6配合social login单点登录问题
  • ¥15 HFSS 中的 H 场图与 MATLAB 中绘制的 B1 场 部分对应不上
  • ¥15 如何在scanpy上做差异基因和通路富集?
  • ¥20 关于#硬件工程#的问题,请各位专家解答!
  • ¥15 关于#matlab#的问题:期望的系统闭环传递函数为G(s)=wn^2/s^2+2¢wn+wn^2阻尼系数¢=0.707,使系统具有较小的超调量
  • ¥15 FLUENT如何实现在堆积颗粒的上表面加载高斯热源
  • ¥30 虚心请教几个问题,小生先有礼了
  • ¥30 截图中的mathematics程序转换成matlab