1

According to W3 schools :

URL encoding converts characters into a format that can be transmitted over the Internet. URLs can only be sent over the Internet using the ASCII character-set. Since URLs often contain characters outside the ASCII set, the URL has to be converted into a valid ASCII format.

I have a url encode statement following an insert query :

$Query = "INSERT INTO $Table_1 VALUES ('0','".mysql_escape_string($forename)."','".mysql_escape_string($surname)."', '".mysql_escape_string($username)."', '".mysql_escape_string($password)."', '".mysql_escape_string($email)."')";

if(mysql_db_query ($DBName, $Query)) {
$message = " - You have successfully registered";
header("Location: register.php?message=".urlencode($message));
} else {
die("Query was: $Query. Error: ".mysql_error());
}

Why is it necessary? Because characters such as @ in an e-mail address are being sent in the header redirect?

Improve this question
3
  • Isn't w3schools explanation enough? (it's not entirely correct though) Commented Apr 7, 2014 at 22:31
  • What do you mean it's not entirely correct?! Commented Apr 7, 2014 at 22:45
  • it mentions ASCII for some reason, while only a narrow subset of ASCII characters is allowed there. Check my answer for a further explanation. Commented Apr 7, 2014 at 22:46

1 Answer 1

Reset to default
3

As per RFC3986

URI           = scheme ":" hier-part [ "?" query ] [ "#" fragment ]
query         = *( pchar / "/" / "?" )
pchar         = unreserved / pct-encoded / sub-delims / ":" / "@"
unreserved    = ALPHA / DIGIT / "-" / "." / "_" / "~"
pct-encoded   = "%" HEXDIG HEXDIG

And RFC2234

HEXDIG        = DIGIT / "A" / "B" / "C" / "D" / "E" / "F"
ALPHA         = %x41-5A / %x61-7A   ; A-Z / a-z
DIGIT         = %x30-39             ; 0-9

So it's required by a standard.

PS: as you can see @ is a valid character to be used in a query as-is without additional encoding.

Improve this answer
Sign up to request clarification or add additional context in comments.

Comments

Your Answer

By clicking “Post Your Answer”, you agree to our terms of service and acknowledge you have read our privacy policy.

Start asking to get answers

Find the answer to your question by asking.

Ask question

Explore related questions

See similar questions with these tags.