1

I'm trying to use http_build_query and it's returning an unexpected string. Here's an example of what I'm doing:

$timestamp = time();

$args = array("name"=>"Bob",
              "id"=>uniqid(),
              "timestamp"=>$timestamp,
              "token"=>md5('unique_salt' . $timestamp));

$query = http_build_query($args, '', '&');

echo $query;

And this is the result:

name=Bob&id=5354a8336b3d7×tamp=1398057011&token=ba2c56005ac83d5169d173993f6a0d32

You can see that the key "timestamp" has been replaced with "×tamp" - I'm not even sure what that first character is because it is not the letter x.

I've tested this on several different servers with the same result. What gives?!

Improve this question
1
  • 1
    Try to explore page source of output. Commented Apr 21, 2014 at 5:29

1 Answer 1

Reset to default
6

That's because in HTML &times translates to the multiplication sign; this is why you should escape HTML output.

echo htmlspecialchars($query, ENT_QUOTES, 'UTF-8');
Improve this answer
Sign up to request clarification or add additional context in comments.

Comments

Your Answer

By clicking “Post Your Answer”, you agree to our terms of service and acknowledge you have read our privacy policy.

Start asking to get answers

Find the answer to your question by asking.

Ask question

Explore related questions

See similar questions with these tags.