9

When I submit a form with multiple checkboxes that have the same name I get a URL that looks something like this: www.mysite.com/search.php?myvalue%5B%5D=value1&myvalue%5B%5D=value2

Is there someway that I can remove the %5B%5D to make the URL "pretty", with something like htaccess?

Code:

<form>
     <input type="checkbox" name="myvalue[]" value="value1">
     <input type="checkbox" name="myvalue[]" value="value2">
</form>
BalusC
  • 1,082,665
  • 372
  • 3,610
  • 3,555
Oskar Persson
  • 6,605
  • 15
  • 63
  • 124
  • please post your code, then we might be able to fix the cause of the `%5B%5D` – P1nGu1n Jan 04 '13 at 16:23
  • I know why I get it, just don't know how I can rewrite the URL to a simpler and shorter one. – Oskar Persson Jan 04 '13 at 16:26
  • This would only happen if you have for some unclear reason *actually* used `name="myvalue[]"` in both elements (perhaps in order to utilize the odd PHP-specific feature to "easily" get an array from request parameter map?), but that doesn't seem to be the case. Are you using some MVC framework which takes care about generating/manipulating the HTML output? – BalusC Jan 04 '13 at 16:28
  • I use the same name for the checkboxes because that gives me an array ($_GET['myvalue']) of which values were checked. – Oskar Persson Jan 04 '13 at 16:30
  • `%5B%5D`is indeed `[]` encode. When I try the form you given and submit it, the url is `mysite.com/search.php?myvalue=value1&myvalue=value2` – P1nGu1n Jan 04 '13 at 16:32
  • 1
    Oskwish, I didn't mean that. The `%5B%5D` in URL would only appear if you have *actually* used `name="myvalue[]"`. It should not appear if you're using `name="myvalue"` as you've demonstrated in the question (in other words, the code posted so far would not cause the described problem at all and thus you've a huge red herring in the question and thus the question is actually invalid). – BalusC Jan 04 '13 at 16:32
  • I agree with @BalusC, with the posted code it should be `?myvalue=value1&myvalue=value2` instead of `myvalue%5B%5D=value1&myvalue%5B%5D=value2` – P1nGu1n Jan 04 '13 at 16:34
  • Updated the code, I did use myvalue[]. If I don't, I just get the latest value put in the URL. – Oskar Persson Jan 04 '13 at 16:35
  • 2
    use a post request if you don't want those values in the URL. A better idea is to stop caring how your URL looks. – zzzzBov Jan 04 '13 at 16:37
  • Exactly. Don't use GET requests if you don't have a particular reason. POST is more secure and you will also have a "cleaner" url. – jtheman Jan 04 '13 at 16:39
  • I need to use GET since it's a search form – Oskar Persson Jan 04 '13 at 16:45

3 Answers3

16

Is there someway that I can remove the %5B%5D to make the URL "pretty", with something like htaccess?

No. The [] are reserved characters in URLs, so they definitely need to be URL-encoded.

If using POST is not an option, which makes sense given that it's a search form, your best bet is to just give them each a different name with a value of 1 or so.

<form>
    <input type="checkbox" name="option1" value="1" />
    <input type="checkbox" name="option2" value="1" />
</form>

Or, if you really insist in them having the same name, then you should be extracting the query string yourself instead of relying on the PHP specific feature of returning an array when obtaining a parameter with a [] suffix in the name.

$params = explode('&', $_SERVER['QUERY_STRING']);

foreach ($params as $param) {
    $name_value = explode('=', $param);
    $name = $name_value[0];
    $value = $name_value[1];
    // ... Collect them yourself.
}

This way you can just keep using the braceless name.

<form>
    <input type="checkbox" name="option" value="option1" />
    <input type="checkbox" name="option" value="option2" />
</form>
BalusC
  • 1,082,665
  • 372
  • 3,610
  • 3,555
  • 1
    "No. The [] are reserved characters in URLs, so they definitely need to be URL-encoded." - BalusC above. – Jakob Weisblat Jan 04 '13 at 16:47
  • But if I write the URL manually and puts `[]` instead of `%5B%5D` it still works. – Oskar Persson Jan 04 '13 at 16:49
  • On manually entering the URL, it's the webbrowser itself who hides that away. By the way, if you were using JSP/Servlet instead of PHP, you could just use `name="myvalue"` in combination with `request.getParameterValues("myvalue")`. See also among others: http://stackoverflow.com/questions/1928675/servletrequest-getparametermap-returns-mapstring-string-and-servletreques/1928707#1928707 The `[]` being mandatory in PHP is really a PHP specific "quirk". – BalusC Jan 04 '13 at 16:58
3

[ and ] are reserved characters in a URL, so the browser must encode them in order for the URL to work correctly. You cannot have these characters in a URL. Nor can you have any other reserved characters such as spaces, ampersands, etc. They will all be encoded automatically for you (in many cases, even if you type the URL into the browser manually).

If you need a "pretty URL" you can:

  1. Not use a form at all; provide a link to a known "pretty" URL.

  2. Accept the ugly URL, but redirect it immediately to the pretty URL in point 1 above.

  3. Avoid using angle brackets at all in your field names (but this would mean a lot of changes to your back-end code too)

  4. Use a POST method on the form, so that the field data doesn't show up on the URL at all (but this would mean you don't have a link the user can bookmark).

If you must "prettify" this URL, my suggestion would be option 2 above.

Frankly, though, I wouldn't worry about it. People get waaaay to stressed about "pretty" URLs. I don't really get why.

  • Very few people I know ever actually type in a URL longer than just a domain name.
  • If you're worried about SEO for this, don't -- the search engine bots know what ULR encoding is and can look past it.
  • The only other reason for wanting a "pretty" URL is so that it looks good if users share it via an email link or something. To be honest, if you're worried about URL prettyness for that and it's got form fields in it then it's already too ugly, with just the & and = signs all over the place. The encoded brackets really don't make it any worse.

So my honest answer is: don't sweat it. It's normal; ignore it; get on with more important parts of your web development work.

SDC
  • 14,192
  • 2
  • 35
  • 48
  • Thanks for your answer and opinion, though I have some answers and questions regarding it. 1. I need to use a form since it's for a searching filter. 2. Should I make a script in php or something that translates `%5B%5D` to `[]`? 3. Need 'em. 4. Have to use a GET method since it's a search form. – Oskar Persson Jan 04 '13 at 17:00
  • @Oskar, you do know you dont have to use GET, GET and POST both go to `$_REQUEST`... – Can O' Spam Aug 26 '15 at 14:45
0

If that is really a problem for you, how about "merging" everything into a single param using some kind of separator like , (or whatever you want). So, instead of having a URI like myvalue%5B%5D=value1&myvalue%5B%5D=value2, you would end up with a URI like myvalue=value1,value2.

This is just an idea, don't have the code right now, but you will need to do it with JS, and parse the param value on your backend (in order to have an array).

Pedro Acácio
  • 139
  • 1
  • 5