Ampersand in GET, PHP

Posted 2019-02-22 04:59

Question:

I have a simple form that generates a new photo gallery, sending the title and a description to MySQL and redirecting the user to a page where they can upload photos.

Everything worked fine until the ampersand entered the equation. The information is sent from a jQuery modal dialog to a PHP page which then submits the entry to the database. After Ajax completes successfully, the user is sent to the upload page with a GET URL to tell the page what album it is uploading to --

$.ajax ({
    type: "POST",
    url: "../../includes/forms/add_gallery.php",
    data: $("#addGallery form").serialize(),
    success: function() {
        $("#addGallery").dialog('close');
        window.location.href = 'display_album.php?album=' + title;
    }
});

If the title has an ampersand, the Title field on the upload page does not display properly. Is there a way to escape ampersand for GET?

Thanks

Answer 1:

In general you'll want to URL-encode anything that isn't completely alphanumerical when you pass them as parts of your URLs.

In URL-encoding, & is replaced with %26 (because 0x26 = 38 = the ASCII code of &).

To do this in JavaScript, you can use the function encodeURIComponent:

$.ajax ({
    type: "POST",
    url: "../../includes/forms/add_gallery.php",
    data: $("#addGallery form").serialize(),
    success: function() {
        $("#addGallery").dialog('close');
        window.location.href = 'display_album.php?album=' + encodeURIComponent(title);
    }
});

Note that escape has the disadvantage that + is not encoded, and will be decoded serverside as a space, and thus should be avoided (source).

If you wish to do this serverside at the PHP level, you'll need to use the function urlencode.



Answer 2:

window.location.href = 'display_album.php?album=' + encodeURIComponent(title);

The JavaScript escape function will not encode these characters: * @ - _ + . /. So if you have a title like "this+that", the plus sign will be interpreted as a space and PHP will receive the variable as "this that".

Using the encodeURIComponent will also encode the following characters: , / ? : @ & = + $ #
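
The following is an added example, not part of the question or either answer. It compares what the receiving page gets for the album parameter when the URL is built with no encoding, with escape, and with encodeURIComponent. It assumes URLSearchParams as a stand-in for the server-side form decoder (it splits on & and decodes + as a space, as the answers describe for PHP); the helper names and sample titles are constructed for illustration.

```javascript
// Build the redirect URL from the question with a given encoder.
function buildUrl(title, encoder) {
  return 'display_album.php?album=' + encoder(title);
}

// Parse the query string the way the receiving page would.
// Duplicate names: the last value wins, as with PHP's $_GET.
function receivedParams(url) {
  const query = url.slice(url.indexOf('?') + 1);
  const out = {};
  for (const [name, value] of new URLSearchParams(query)) {
    out[name] = value;
  }
  return out;
}

const encoders = {
  none: (s) => s,                                    // the original code
  escape: (s) => escape(s),                          // legacy; leaves + as-is
  encodeURIComponent: (s) => encodeURIComponent(s),  // the recommended fix
};

// Return the parameters the server would see for each encoder.
function compare(title) {
  const result = {};
  for (const [name, enc] of Object.entries(encoders)) {
    result[name] = receivedParams(buildUrl(title, enc));
  }
  return result;
}

// Constructed sample titles:
//  - an ampersand truncates the value and creates a stray parameter
//  - a plus sign survives only with encodeURIComponent
//  - an unencoded "&album=" lets the title replace the parameter itself
for (const title of ['Tom & Jerry', 'this+that', 'a&album=b']) {
  console.log(JSON.stringify(title), compare(title));
}
```

Without encoding, the title is no longer a single value: anything after & is parsed as additional parameters, so the page should treat every value placed into a URL as data to be encoded, not as part of the URL's syntax.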