views:

165

answers:

2

Hey everyone,

My database contains information extracted from an external feed. In this raw text feed, the following text is used in place of special characters:

& - &
' - &39;
é - é

I extract some of this text to form URLs. For example, a URL that I construct from data containing these characters might look like this:

http://url.com/search/?brand=Franklin&Hédgson's

I use the GET variables in this URL to construct further lookups, which leads to a couple of specific problems:

  1. The é and ' characters are sent back to MySQL as they appear, and so they don't trigger any results (because the characters take the full HTML form in the database text).

  2. The & within the URL separates the variable, and the GET returns only Franklin, when it should return the whole string.

Are there any straightforward ways of dealing with this?

Thanks.

A: 

That's because a '&' within a URL starts a new GET variable. The '?' starts your query string with has 2 items in it, 'brand' = "Franklin" and undefined = "Hédgson's".

Here is a list of URL escape codes that you should use whenever any of those characters appear in your URL (inside a value, of course). So, the '&' needs to be escaped to '%26' when it is put into the string so that the GET will read it properly.

animuson
A: 

You should encode the brand=Franklin&Hédgson's before creating the link, if you are generating the link with php use urlencode http://php.net/manual/en/function.urlencode.php

Then you can use htmlentities to encode the query before sending it off to mysql in a query http://www.php.net/manual/en/function.htmlentities.php

Michael