The PHP Function rawurlencode()
The PHP function rawurlencode() converts the characters in a string to a format that can be safely transmitted over the Internet. This is important because some characters have special meanings in URLs and may cause errors if not encoded correctly.
Many languages have built-in functions to do this encoding and decoding, and PHP is no exception. The urlencode() function makes a string safe for use in a URL by replacing spaces and special characters with their corresponding hex code.
However, there are some cases where this encoding isn't sufficient. For example, if you are using $_GET to get query parameters, you should always be sure to call urlencode() on the parameter strings before displaying them. This will prevent any potential XSS attacks that might be carried out by malicious users.
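An added example, not code from the original page: it runs urlencode() and rawurlencode() over constructed input and then builds a link from a value of the kind that would arrive in $_GET, encoding it once for the URL component and once for the HTML output. The htmlspecialchars() step, the /search path and the helper name search_link() are assumptions of this example.

```php
<?php
declare(strict_types=1);

// Constructed sample values standing in for $_GET['q'] (PHP has already
// URL-decoded $_GET values by the time a script reads them).
$samples = [
    'spaces'   => 'red shoes',
    'reserved' => 'a&b=c/d?e#f',
    'markup'   => '<b>"x"</b> & more',
];

/**
 * Hypothetical helper: build an HTML link whose query value and visible
 * label both come from the untrusted string $q.
 */
function search_link(string $q): string
{
    // URL-component context: percent-encode per RFC 3986, so the value
    // cannot add parameters, a path segment or a fragment to the URL.
    $href = '/search?q=' . rawurlencode($q);

    // HTML context: escape the finished URL for the attribute and the
    // raw value for the element text (assumption of this example).
    $flags = ENT_QUOTES | ENT_SUBSTITUTE;
    $attr  = htmlspecialchars($href, $flags, 'UTF-8');
    $text  = htmlspecialchars($q, $flags, 'UTF-8');

    return '<a href="' . $attr . '">' . $text . '</a>';
}

foreach ($samples as $name => $q) {
    echo "[$name]\n";
    echo '  input:        ', $q, "\n";
    echo '  urlencode:    ', urlencode($q), "\n";     // form style, space as "+"
    echo '  rawurlencode: ', rawurlencode($q), "\n";  // RFC 3986, space as "%20"
    echo '  link:         ', search_link($q), "\n\n";

    // Both encodings must decode back to the original value.
    if (rawurldecode(rawurlencode($q)) !== $q || urldecode(urlencode($q)) !== $q) {
        throw new RuntimeException("round trip failed for sample '$name'");
    }
}
```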
In addition, if you need to store query parameters in a database, you should use the addcslashes() or stripcslashes() function to escape any arbitrary characters that might appear in the query string (such as space or less-than signs). This will make them safe for retrieval from non-standard databases.
Finally, if you are working with the '[' and ']' separators in some URL schemes (such as FTP), you should not use rawurlencode() to encode the '[' and ']' parts of the string, because this breaks the usage defined in the RFCs for defining additional parameters to a host domain name part. In this case, you should instead encode the host part with str_replace('