Posted by Richard Lynch on 10/19/43 11:10

> Greetings again,
> Thanks to richard for pointing out a good way to
> devle
> into the source. It appears after browsing through the
> source that the ' ' (space) is encoded to '+'. Also
> the
> characters '_', '-', '.' do get special treatment.
>
> Obviously, this works great in the scenario where the
> cookie is set by the PHP/Server and retrieved by a
> PHP/Server.
>
> Since the encoding is not mandated by the spec, I
> guess I cannot fault PHP for doing what it does. But I
> am curious as to what led to the design decision to
> encode ' ' to '+'.

I guess they thought + was more pretty than %20
[shrug]

Since you have the source, though, you can at least reverse-engineer a
perfect inverse function, and move on, secure in the knowledge that you
have the exactly correct solution.

Ya got me on the _ - and . though...

Sure hope it meets the Cookie spec...

Hopefully they caught all characters that urlencode does/doesn't handle,
and wedged it into a perfectly valid cookie-encoder. :-)

I think this was done *WAAAAAY* long time ago, before PHP had a
base64encode function, and urlencode was what they had. If all you have
is a hammer...

--
Like Music?
http://l-i-e.com/artists.htm

[Back to original message]