PHP script not decoding URL parameters in $_REQUEST[] (%20 values present) after deploying to 5.2.4

Question

I have developed a PHP script that uses $_REQUEST[] superglobal. A typical client request might consist of:

http://host.name/socnet/add.php?shortid=1&author=NewUser2&comment=Dad%20dad%20dad

This URL is rewritten by Apache in my production environment to an equivalent https:// URL according to the following rewrite rule:

RewriteRule ^socnet/add.php(.*) https://%{SERVER_NAME}/socnet/add.php$1 [R,L]

Whilst developing with PHP 5.3.2 and debugging with NetBeans everything works as expected $_REQUEST['comment']="Dad dad dad"

However when I deployed to my VPS host environment running PHP 5.2.4 and which does the URL rewriting described above $_REQUEST['comment']="Dad%20dad%20dad"...

So it looks like $_REQUEST['comment'] is not url decoded as expected with 5.2.4 and my rewrite rule

Any ideas for why this is happening and a sensible workaround would be greatly appreciated. Is it a PHP version related issue or something more subtle? Interested to hear from anyone who has encountered this issue at the time of deployment before and how they solved it.

Answer 1

I suspect that mod_rewrite is encoding it, leading to it being encoded twice. I have not tried this, but instead of matching (.*), try changing the [R,L] to [R,L,QSA]. QSA stands for query-string-appended.

EDIT

The correct option found by landstatic himself is NE which stands for no escaping.