Php used ajax to send the password. the receiving end found that the password was cropped.

Php used ajax to send the password, and the receiving end found that the password was cropped and PHP was not used. I would like to ask at this forum.
The problem is that the user enters the user name and password to log on. if the password is simple, it can be passed in. However, if the password is AB @; & 1, it is found that the password value obtained by the server is cropped and changed to AB. But in the code, the following part is the same, and it can be done again. The difference between the two parts is not found.

PHP for client

Function getFirstU8Accid () {var sUserName = document. getElementById ("user_name "). value. toLowerCase (); var sPassword = document. getElementById ("password "). value; sUserName = escape (sUserName); if (sUserName = "") {return ("");} var sUrl = '/Server/. php? T = '+ escape (Date () +' & a = '+ sUserName +' & B = '+ sPassword; var xml = CreateXMLHttp (); xml. open ("GET", sUrl, false); xml. send (); var sLoginUser = xml. responseText; // process .......} // the code below shows the specific call. // getFirstU8Accid () fails to be called here. the specific error is that PHP on the server does not obtain the complete password content. Accid = getFirstU8Accid (); try {var guid = obj. getClientGUID ();} catch (e) {return "Error: failed to call GetClientGUID, error message:" + e. message;} var sUrl = '/Server/B. php? T = '+ escape (Date () +' & a = '+ user +' & B = '+ password +' & c = '+ sDomain; var xml = CreateXMLHttp (); xml. open ("GET", sUrl, false); xml. send (null); // The Returned result is normal because B. the code in php can get the return xml content of the password normally. responseText; [/color]. php B. the code in php is probably as follows. In fact, it is basically the same, but there are more parameters in B, and there is one more parsing. [Code = php]
 

I feel that it is the second time after the first failure, but with more parameters, it is successful. Although the server a and server B have two php files, there is no difference.

Reply to discussion (solution)

& The character is used as a field separator in the url parameter string. if your value contains this character, you need to perform url encoding (% 26)

The moderator is really quick, but it does not seem to have been processed during the second submission.

In addition, is there any common code for URL encoding? I have three traditional Chinese and English languages. Is there any impact? Not familiar with PHP. It wasn't long before I used it. is there any relevant information or small examples?

Isn't js using the encodeURI and encodeURIComponent methods?

The problem is solved. In the first step, no escape operation is performed on the password, while the reception is handled by unescape. The second part is paired. Thanks for the version prompt.

Var sUrl = '/Server/a. php? T = '+ escape (Date () +' & a = '+ sUserName +' & B = '+ sPassword;

Change?

Var sUrl = '/Server/a. php? T = '+ escape (Date () +' & a = '+ encodeURIComponent (sUserName) +' & B = '+ encodeURIComponent (sPassword );