On the difference between UrlEncode and Rawurlencode in PHP _php example

Some time ago said that they encountered a "URL plus error" bug, the reason for this bug is that they use the UrlEncode function in the URL, the function will be converted to a plus space, which causes the URL parsing error, and the space only converted into%20 can be normal parsing, Then we need to use the Rawurlencode function.

Here is a brief description of the difference between the UrlEncode function and the Rawurlencode function:

UrlEncode function:

Returns a string, in addition to the-_ in this string. All non-alphanumeric characters are replaced with a percent sign (%) followed by a two-bit hexadecimal number, and the space is encoded as a plus (+). This encoding is the same encoding as the WWW form POST data and is encoded in the same way as the application/x-www-form-urlencoded media type. For historical reasons, this encoding differs from RFC1738 encoding (see Rawurlencode ()) for encoding spaces as plus signs (+).

Rawurlencode function:

Returns a string, in addition to the-_ in this string. All non-alphanumeric characters are replaced with a percent semicolon (%) followed by a two-bit hexadecimal number. This is the encoding described in»RFC 3986 to protect the literal character from being interpreted as a special URL delimiter, while protecting the URL format from being confused by the transfer media (like some messaging systems) using character conversions. Let's take a look at the examples below:

<?php

$string = "Hello World";

echo UrlEncode ($string). ' <br/> '; Output: Hello+world
echo Rawurldecode ($string). ' <br/> '/output: Hello%20world

?>
 

Specific example comparison:

<?php for ($i = 0x20 $i < 0x7f $i + +) {$str. = Dechex ($i); 
} $asscii = Pack ("h*", $str); echo "All printable Asscii characters: (from spaces to ~) n". $asscii. " 
\ n "; 
echo "UrlEncode result: \ n". UrlEncode ($ASSCII); 
echo "\ n"; echo "UrlEncode does not encode http://www.jb51.net/character: \ n". Preg_replace ("/%.{ 
2}/"," ", UrlEncode ($ASSCII)); 
echo "\ n"; 
echo "Rawurlencode result: \ n". Rawurlencode ($ASSCII); 
echo "\ n"; echo "Rawurlencode characters not encoded: \ n". Preg_replace ("/%.{ 
2}/"," ", Rawurlencode ($ASSCII));

echo "\ n"; Exit?> output: ——————————————————————————— all printable Asscii characters: (from spaces to ~)! " #$%& ' () *+,-./0123456789:;<=> @ABCDEFGHIJKLMNOPQRSTUVWXYZ [\]^_abcdefghijklmnopqrstuvwxyz{|} ~ UrlEncode Results: +%21%22%23%24%25%26%27%28%29%2a%2b%2c-.%2f0123456789%3a%3b%3c%3d%3e%3f% 40abcdefghijklmnopqrstuvwxyz%5b%5c%5d%5e_%60abcdefghijklmnopqrstuvwxyz%7b%7c%7d%7e UrlEncode do not encode characters: +-. Results of 0123456789abcdefghijklmnopqrstuvwxyz_abcdefghijklmnopqrstuvwxyz Rawurlencode:%20%21%22%23%24%25%26%27%28%29% 2a%2b%2c-.%2f0123456789%3a%3b%3c%3d%3e%3f%40abcdefghijklmnopqrstuvwxyz%5b%5c%5d%5e_%60abcdefghijklmnopqrstuvwxyz%7b%7c%7d%7e Rawurlencode do not encode characters:-.
 0123456789abcdefghijklmnopqrstuvwxyz_abcdefghijklmnopqrstuvwxyz

Compare the results of both:

1. Numbers, uppercase and lowercase letters are not coded
2. minus sign, dot number, underline three not coded
3. Rawurlencode more than UrlEncode a "plus"

About the difference between escape and encodeuricomponent in javascript:

>>> Console.log (encodeURIComponent ("Unified registration 1");

%E7%BB%9F%E4%B8%80%E6%B3%A8%E5%86%8C1
>>> Console.log (Escape ("Unified registration 1");
%U7EDF%U4E00%U6CE8%U518C1

<?php
echo iconv ("Utf-8", "GBK", UrlDecode ("%e7%bb%9f%e4%b8%80%e6%b3%a8%e5% 86%8c1 ")); 
echo "\ n"; 
Echo UrlDecode ("%u7edf%u4e00%u6ce8%u518c1"); 
Use the following unescape to
//echo iconv ("Utf-8", "GBK", Unescape ("%u7edf%u4e00%u6ce8%u518c1"); 
Exit;
? >

Output results:
======================================
Unified Registration 1
%u7edf%u4e00%u6ce8%u518c1
= = ===================================

Results show:

1. encodeURIComponent always converts input into UTF8 encoding, encoded by byte

2. Escape is processed in Unicode encoding because it also encodes the unsafe characters in the URL, so it can be encoded in the URL, but the server side does not automatically decode, the following provides a PHP version of the decoding function, is used in the manual to find:

<?php function unescape ($str) {$str = Rawurldecode ($STR); 
  Preg_match_all ("/(?:%u.{4}) |& #x .{4};|& #d +;|.+/u", $str, $r); 
  $ar = $r [0]; foreach ($ar as $k => $v) {if (substr ($v, 0,2) = = "%u") $ar [$k] = Iconv ("UCS-2", "UTF-8", Pack ("H4", substr ($v,-4) 
    )); 
    ElseIf (substr ($v, 0,3) = = "& #x") $ar [$k] = Iconv ("UCS-2", "UTF-8", Pack ("H4", substr ($v, 3,-1)); 
    ElseIf (substr ($v, 0,2) = = "&#") {$ar [$k] = Iconv ("UCS-2", "UTF-8", Pack ("n", substr ($v, 2,-1)); 
} return Join ("", $ar); }?> >>> Console.log ("!\" #$%& ' () *+,-./0123456789:;=>? @ABCDEFGHIJKLMNOPQRSTUVWXYZ [\]^_ abcdefghijklmnopqrstuvwxyz{|}
~")); %20%21%22%23%24%25%26%27%28%29*+%2c-./0123456789%3a%3b%3c%3d%3e%3f@abcdefghijklmnopqrstuvwxyz%5b%5d%5e_% 60abcdefghijklmnopqrstuvwxyz%7b%7c%7d%7e >>> Console.log (encodeURIComponent ("!\" #$%& ' () *+,-./ 0123456789:;<=&gt @ABCDEFGHIJKLMNOPQRSTUVWXYZ [\]^_abcdefghijklmnopqrstuvwxyz{|}
~")); %20!%22%23%24%25%26 ' () *%2b%2c-.%2f0123456789%3a%3b%3c%3d%3e%3f%40abcdefghijklmnopqrstuvwxyz%5b%5d%5e_% 60abcdefghijklmnopqrstuvwxyz%7b%7c%7d~ >>> Console.log (Escape ("!\" #$%& ' () *+,-./0123456789:;<= @ABCDEFGHIJKLMNOPQRSTUVWXYZ [\]^_abcdefghijklmnopqrstuvwxyz{|} ~ "). Replace (/%.{

2}/g, "")); *+-./0123456789@ABCDEFGHIJKLMNOPQRSTUVWXYZ_ABCDEFGHIJKLMNOPQRSTUVWXYZ >>> Console.log ( encodeURIComponent ("!\" #$%& ' () *+,-./0123456789:;<=>? @ABCDEFGHIJKLMNOPQRSTUVWXYZ [\]^_ ' abcdefghijklmnopqrstuvwxyz{|} ~ "). Replace (/%.{ 2}/g, ""));! '
 () *-.0123456789abcdefghijklmnopqrstuvwxyz_abcdefghijklmnopqrstuvwxyz~

Results comparison:

Escape encoded characters: *+-./@_ Total 7

encodeURIComponent characters not encoded:! ' () *-._~ a total of 9

The above article discusses the difference between UrlEncode and Rawurlencode in PHP is small series to share all the content, hope to give you a reference, but also hope that we support the cloud-dwelling community.