How is it guaranteed to check that the line went through urlencode and the line must be urldecode through urldecode before working with it?

  • 2
    No . . . . - andreymal
  • And what's the problem to drive it through urldecode without any checks? - newman
  • This is a twin of the question "How is it guaranteed to check that the file is text." - Igor
  • @newman is that if I write a%20b , I can bear it in mind with the percentage a%20b , and nifiga not with the space ab - andreymal
  • 6
    @ Dmitriy Gvozd it means that you have poorly organized your code and are confused in it. Rewrite it so that for any line you can absolutely say where it was transformed, just by reading the code in the editor without starting it at all - andreymal

2 answers 2

If you want to check in general any arbitrary string. That most likely will not work. IMHO you are looking for a problem in the wrong place, most likely the architectural trabl and you should make sure that a string is sent to urlencode once or to save an unchanged string.

    Check for the presence of the = sign in the string, in the encoded one it will look like %3 :

     $param1 = "beyong"; $param2 = "galvanize"; $qs = urlencode("param1=$param1&param2=$param2"); if( preg_match("/%3D/", $qs) ) { echo "query string is already urlencoded"; }
    • What if the source line is %3 and it is not actually driven? - andreymal
    • I think that if the urldecode is used for its intended purpose, then the string in any case will have at least one key pair = value - Kirill Korushkin
    • four
      Proceeding from the fact that this question was asked at all, I am sure that the author does not use urlencode as intended :) - Andreymal
    • I agree, but it became interesting to myself) - Kirill Korushkin
    • one
      And, by the way, it's still not %3 , but %3D is andreymal