How to encode get parameter from html form?

Question

I have a form like this:

<form action="/web/" method="get">
<input type="search" name="keyword_search_query">
<input type="submit" value="Search…">
</form>

This is a search form for my website.

What is the right/common way to encode these data into a search query to avoid unexpected behavior?

For instance, having an & in one of the inputs will cut the search query. How should I escape those characters?

P.S. How does Google do it?

Possible duplicate of [How to properly URL encode a string in PHP?](http://stackoverflow.com/questions/4744888/how-to-properly-url-encode-a-string-in-php) — Jérôme, Mar 02 '17 at 13:49

score 0 · Answer 1 · answered Mar 02 '17 at 12:24

0

User encodeURI(data); for encoding

answered Mar 02 '17 at 12:24

Sazzad Hussain

And what user has disabled JavaScript? – Mar 02 '17 at 13:00
1

You're using php, so use a php function. See http://stackoverflow.com/questions/4744888/how-to-properly-url-encode-a-string-in-php. – Jérôme Mar 02 '17 at 13:50
@David You can for user to enable Javascript or you can validate in PHP. – Sazzad Hussain Mar 03 '17 at 05:00

1 Answers1