Edit Report a Bug

    urlencode

    (PHP 4, PHP 5, PHP 7)

    urlencodeURL-encodes string

    Description

    string urlencode ( string $str )

    This function is convenient when encoding a string to be used in a query part of a URL, as a convenient way to pass variables to the next page.

    Parameters

    str

    The string to be encoded.

    Return Values

    Returns a string in which all non-alphanumeric characters except -_. have been replaced with a percent (%) sign followed by two hex digits and spaces encoded as plus (+) signs. It is encoded the same way that the posted data from a WWW form is encoded, that is the same way as in application/x-www-form-urlencoded media type. This differs from the » RFC 3986 encoding (see rawurlencode()) in that for historical reasons, spaces are encoded as plus (+) signs.

    Examples

    Example #1 urlencode() example

    <?php
    echo '<a class="mycgi?foo='urlencode($userinput), '">';
    ?>

    Example #2 urlencode() and htmlentities() example

    <?php
    $query_string 
    'foo=' urlencode($foo) . '&bar=' urlencode($bar);
    echo 
    '<a class="mycgi?' htmlentities($query_string) . '">';
    ?>

    Notes

    Note:

    Be careful about variables that may match HTML entities. Things like &amp, &copy and &pound are parsed by the browser and the actual entity is used instead of the desired variable name. This is an obvious hassle that the W3C has been telling people about for years. The reference is here: » www.w3.org/TR/html4/appendix/notes.html#h-B.2.2.

    PHP supports changing the argument separator to the W3C-suggested semi-colon through the arg_separator .ini directive. Unfortunately most user agents do not send form data in this semi-colon separated format. A more portable way around this is to use &amp; instead of & as the separator. You don't need to change PHP's arg_separator for this. Leave it as &, but simply encode your URLs using htmlentities() or htmlspecialchars().

    See Also

    • urldecode() - Decodes URL-encoded string
    • htmlentities() - Convert all applicable characters to HTML entities
    • rawurlencode() - URL-encode according to RFC 3986
    • rawurldecode() - Decode URL-encoded strings
    • » RFC 3986

    spacer add a note

    User Contributed Notes 32 notes

    up
    down
    23
    davis dot peixoto at gmail dot com
    5 years ago
    urlencode function and rawurlencode are mostly based on RFC 1738.

    However, since 2005 the current RFC in use for URIs standard is RFC 3986.

    Here is a function to encode URLs according to RFC 3986.

    <?php
    function myUrlEncode($string) {
       
    $entities = array('%21', '%2A', '%27', '%28', '%29', '%3B', '%3A', '%40', '%26', '%3D', '%2B', '%24', '%2C', '%2F', '%3F', '%25', '%23', '%5B', '%5D');
       
    $replacements = array('!', '*', "'", "(", ")", ";", ":", "@", "&", "=", "+", "$", ",", "/", "?", "%", "#", "[", "]");
        return
    str_replace($entities, $replacements, urlencode($string));
    }
    ?>
    up
    down
    27
    leaksin [ at ] gmail [ dot ] com
    2 years ago
    "cleaning the URL",Totally and in a nut shell:
    1.You must use rawurlencode() for parts that come before "?"
    2.Use urlencode for all GET parameters (values that come after each "=")(POST parameters are automatically encoded).
    3.Use htmlspecialchars for HTML tag parameters and HTML text content

    <?php
    $url_page
    = 'example/page/url.php';
    //page the link will request
    $text = 'this is a simple string';   
    $id = '4334%3434';       
    $linktext = "<Clickit> & you will see it";
    //text of the link, with HTML unfriendly characters
    ?>
    <?php
    // this gives you a clean link to use
    $url = "localhost/";
    $url .= rawurlencode($url_page);
    $url .= "?text=" . urlencode($text);
    $url .= "&id=" . urlencode($id);

    // htmlspecialchars escapes any html that
    // might do bad things to your html page
    ?>
    <a class="<?php echo htmlspecialchars($url); ?>">
    <?php echo htmlspecialchars($linktext); ?>
    </a>
    up
    down
    14
    omid at omidsakhi dot com
    5 years ago
    I needed a function in PHP to do the same job as the complete escape function in Javascript. It took me some time not to find it. But findaly I decided to write my own code. So just to save time:

    <?php
    function fullescape($in)
    {
     
    $out = '';
      for (
    $i=0;$i<strlen($in);$i++)
      {
       
    $hex = dechex(ord($in[$i]));
        if (
    $hex=='')
          
    $out = $out.urlencode($in[$i]);
        else
          
    $out = $out .'%'.((strlen($hex)==1) ? ('0'.strtoupper($hex)):(strtoupper($hex)));
      }
     
    $out = str_replace('+','%20',$out);
     
    $out = str_replace('_','%5F',$out);
     
    $out = str_replace('.','%2E',$out);
     
    $out = str_replace('-','%2D',$out);
      return
    $out;
    }
    ?>

    It can be fully decoded using the unscape function in Javascript.
    up
    down
    2
    david winiecki gmail
    1 year ago
    Since PHP 5.3.0, urlencode and rawurlencode also differ in that rawurlencode does not encode ~ (tilde), while urlencode does.
    up
    down
    3
    frx dot apps at gmail dot com
    5 years ago
    I wrote this simple function that creates a GET query (for URLS) from an array:

    <?php
    function encode_array($args)
    {
      if(!
    is_array($args)) return false;
     
    $c = 0;
     
    $out = '';
      foreach(
    $args as $name => $value)
      {
        if(
    $c++ != 0) $out .= '&';
       
    $out .= urlencode("$name").'=';
        if(
    is_array($value))
        {
         
    $out .= urlencode(serialize($value));
        }else{
         
    $out .= urlencode("$value");
        }
      }
      return
    $out . "\n";
    }
    ?>

    If there are arrays within the $args array, they will be serialized before being urlencoded.

    Some examples:
    <?php
    echo encode_array(array('foo' => 'bar'));                    // foo=bar
    echo encode_array(array('foo&bar' => 'some=weird/value'));   // foo%26bar=some%3Dweird%2Fvalue
    echo encode_array(array('foo' => 1, 'bar' =>  'two'));       // foo=1&bar=two
    echo encode_array(array('args' => array('key' => 'value'))); // args=a%3A1%3A%7Bs%3A3%3A%22key%22%3Bs%3A5%3A%22value%22%3B%7D
    ?>
    up
    down
    9
    ahrensberg at gmail dot com
    8 years ago
    Like "Benjamin dot Bruno at web dot de" earlier has writen, you can have problems with encode strings with special characters to flash. Benjamin write that:

    <?php
      
    function flash_encode ($input)
       {
          return
    rawurlencode(utf8_encode($input));
       }
    ?>

    ... could do the problem. Unfortunately flash still have problems with read some quotations, but with this one:

    <?php
      
    function flash_encode($string)
       {
         
    $string = rawurlencode(utf8_encode($string));

         
    $string = str_replace("%C2%96", "-", $string);
         
    $string = str_replace("%C2%91", "%27", $string);
         
    $string = str_replace("%C2%92", "%27", $string);
         
    $string = str_replace("%C2%82", "%27", $string);
         
    $string = str_replace("%C2%93", "%22", $string);
         
    $string = str_replace("%C2%94", "%22", $string);
         
    $string = str_replace("%C2%84", "%22", $string);
         
    $string = str_replace("%C2%8B", "%C2%AB", $string);
         
    $string = str_replace("%C2%9B", "%C2%BB", $string);

          return
    $string;
       }
    ?>

    ... should solve this problem.
    up
    down
    5
    neugey at cox dot net
    11 years ago
    Be careful when encoding strings that came from simplexml in PHP 5.  If you try to urlencode a simplexml object, the script tanks.

    I got around the problem by using a cast.

    $newValue = urlencode( (string) $oldValue );
    up
    down
    3
    kL
    9 years ago
    Apache's mod_rewrite and mod_proxy are unable to handle urlencoded URLs properly - issues.apache.org/bugzilla/show_bug.cgi?id=34602

    If you need to use any of these modules and handle paths that contain %2F or %3A (and few other encoded special url characters), you'll have use a different encoding scheme.

    My solution is to replace "%" with "'".
    <?php
    function urlencode($u)
    {
        return
    str_replace(array("'",'%'),array('%27',"'"),urlencode($u));
    }

    function
    urldecode($u)
    {
        return
    urldecode(strtr($u,"'",'%'));
    }
    ?>
    up
    down
    4
    Thomas
    8 years ago
    Reply to 'peter at mailinator dot com'

    If you are having problems using urldecode in PHP following the escape() function in Javascript, try to do a decodeURI() before the escape(). This fixed it for me at least.

    Thomas
    gipoco.com is neither affiliated with the authors of this page nor responsible for its contents. This is a safe-cache copy of the original web site.