urldecode - PHP code example

PHP Function UrlEncode and UrlDecode

In most cases, you will need to pass data in the form of a URL to another page or function that needs to process it dynamically. This means that you will need to encode or decode those strings so they can be sent across the internet safely. There are two built in functions in PHP that you can use to do this, urlencode and urldecode.

Encoding a string for URLs basically means converting all characters that are outside the ASCII range to a '%' followed by 2 hex digits. This ensures that only characters in the ASCII range will be sent over the internet. It also prevents the use of unsafe characters, such as and > in URLs.

You can use the urlencode() function to do this, but it is more common to use rawurlencode(). It uses the RFC 3986 standard and is what you would use if you are working with a $_GET variable (which PHP automatically urldecodes for you) or if your code requires that all strings be escaped before passing them to $_REQUEST.

When decoding a string for URLs, you use the urldecode() function. This will return the original string back to its normal form. This also decodes the space character so that it becomes a plus sign (+) according to the application/x-www-form-urlencoded MIME format and replaces other special characters with their hex codes except for -, _, and.

urldecode example

    public function __construct(string $name, ?string $value, string $expires = null, string $path = null, string $domain = '', bool $secure = false, bool $httponly = true, bool $encodedValue = false, string $samesite = null)
    {
        if ($encodedValue) {
            $this->rawValue = $value ?? '';
            $this->value = urldecode($this->rawValue);
        } else {
            $this->value = $value ?? '';
            $this->rawValue = rawurlencode($this->value);
        }
        $this->name = $name;
        $this->path = empty($path) ? '/' : $path;
        $this->domain = $domain;
        $this->secure = $secure;
        $this->httponly = $httponly;
        $this->samesite = $samesite;

    public function handle(?string $uri = null)
    {
        // If we cannot find a URI to match against, then set it to root (`/`).         if ($uri === null || $uri === '') {
            $uri = '/';
        }

        // Decode URL-encoded string         $uri = urldecode($uri);

        // Restart filterInfo         $this->filterInfo  = null;
        $this->filtersInfo = [];

        // Checks defined routes         if ($this->checkRoutes($uri)) {
            if ($this->collection->isFiltered($this->matchedRoute[0])) {
                $multipleFiltersEnabled = config(Feature::class)->multipleFilters ?? false;
                if ($multipleFiltersEnabled) {
                    $this->filtersInfo = $this->collection->getFiltersForRoute($this->matchedRoute[0]);
                }

'path' => '/',
            'domain' => null,
            'secure' => false,
            'httponly' => false,
            'raw' => !$decode,
            'samesite' => null,
        ];

        $parts = HeaderUtils::split($cookie, ';=');
        $part = array_shift($parts);

        $name = $decode ? urldecode($part[0]) : $part[0];
        $value = isset($part[1]) ? ($decode ? urldecode($part[1]) : $part[1]) : null;

        $data = HeaderUtils::combine($parts) + $data;
        $data['expires'] = self::expiresTimestamp($data['expires']);

        if (isset($data['max-age']) && ($data['max-age'] > 0 || $data['expires'] > time())) {
            $data['expires'] = time() + (int) $data['max-age'];
        }

        return new static($name, $value, $data['expires'], $data['path'], $data['domain'], $data['secure'], $data['httponly'], $data['raw'], $data['samesite']);
    }

$request = $request->withHeader('User-Agent', drupal_generate_test_ua($test_prefix));
        }
        return $handler($request, $options)
          ->then(function DResponseInterface $response) {
            if (!drupal_valid_test_ua()) {
              return $response;
            }
            $headers = $response->getHeaders();
            foreach ($headers as $header_name => $header_values) {
              if (preg_match('/^X-Drupal-Assertion-[0-9]+$/', $header_name, $matches)) {
                foreach ($header_values as $header_value) {
                  $parameters = unserialize(urldecode($header_value));
                  if (count($parameters) === 3) {
                    if ($parameters[1] === 'User deprecated function') {
                      // Fire the same deprecation message to allow it to be                       // collected by                       // \Symfony\Bridge\PhpUnit\DeprecationErrorHandler::collectDeprecations().                       @trigger_error((string) $parameters[0], E_USER_DEPRECATED);
                    }
                    else {
                      throw new \Exception($parameters[1] . ': ' . $parameters[0] . "\n" . Error::formatBacktrace([$parameters[2]]));
                    }
                  }

    protected function decode($string)
    {
        // decode if specified         if (($pos = strpos($string, ':')) !== false) {
            if (!strncmp($string, 'base64', 6)) {
                return base64_decode(substr($string, 7));
            } elseif (!strncmp($string, 'urlencode', 9)) {
                return urldecode(substr($string, 10));
            }
        }

        return $string;
    }

    /** * modify resource_name according to resource handlers specifications * * @param Smarty $smarty Smarty instance * @param string $resource_name resource_name to make unique * @return string unique resource name */

$configuration = [
            'buffer_size' => (int) $options['buffer_size'],
            'wait_time' => (int) $options['wait_time'],
            'poll_timeout' => $options['poll_timeout'],
            'visibility_timeout' => $options['visibility_timeout'],
            'auto_setup' => filter_var($options['auto_setup'], \FILTER_VALIDATE_BOOL),
            'queue_name' => (string) $options['queue_name'],
        ];

        $clientConfiguration = [
            'region' => $options['region'],
            'accessKeyId' => urldecode($parsedUrl['user'] ?? '') ?: $options['access_key'] ?? self::DEFAULT_OPTIONS['access_key'],
            'accessKeySecret' => urldecode($parsedUrl['pass'] ?? '') ?: $options['secret_key'] ?? self::DEFAULT_OPTIONS['secret_key'],
        ];
        if (null !== $options['session_token']) {
            $clientConfiguration['sessionToken'] = $options['session_token'];
        }
        if (isset($options['debug'])) {
            $clientConfiguration['debug'] = $options['debug'];
        }
        unset($query['region']);

        if ('default' !== ($parsedUrl['host'] ?? 'default')) {

    /** * {@inheritdoc} */
    public function getBaseUrl($raw = false)
    {
        if ($this->baseUrl === null) {
            $this->baseUrl = $this->prepareBaseUrl();
        }

        return ($raw == false) ? urldecode($this->baseUrl) : $this->baseUrl;
    }

    /** * {@inheritdoc} */
    public function setBasePath($basePath = null)
    {
        if ($basePath !== null) {
            $this->basePath = $basePath;

            return $this;
        }

/*======================================================================*\ Function: setcookies() Purpose: set cookies for a redirection \*======================================================================*/

    function setcookies()
    {
        for($x=0; $x<count($this->headers); $x++)
        {
        if(preg_match('/^set-cookie:[\s]+([^=]+)=([^;]+)/i', $this->headers[$x],$match))
            $this->cookies[$match[1]] = urldecode($match[2]);
        }
    }

/*======================================================================*\ Function: _check_timeout Purpose: checks whether timeout has occurred Input: $fp file pointer \*======================================================================*/

    function _check_timeout($fp)
    {

    /** * Sort query parameters taking in account also the values of said parameters. * * @param array $params * * @return string */
    private function sortQueryParameters($params)
    {
        $sParams = urldecode(http_build_query($params));
        $query = explode('&', $sParams);

        usort($query, function D$val1, $val2) {
            return strcmp($val1, $val2);
        });

        return implode('&', $query);
    }

    /** * @param string $path the path of the directory to be iterated over * * @return RecursiveIteratorIterator */

function get_category_by_path( $category_path, $full_match = true, $output = OBJECT ) {
    $category_path  = rawurlencode( urldecode( $category_path ) );
    $category_path  = str_replace( '%2F', '/', $category_path );
    $category_path  = str_replace( '%20', ' ', $category_path );
    $category_paths = '/' . trim( $category_path, '/' );
    $leaf_path      = sanitize_title( basename( $category_paths ) );
    $category_paths = explode( '/', $category_paths );
    $full_path      = '';

    foreach ( (array) $category_paths as $pathdir ) {
        $full_path .= ( '' !== $pathdir ? '/' : '' ) . sanitize_title( $pathdir );
    }

    /** * Sanitize the stylesheet to decode endpoint. * * @since 5.9.0 * * @param string $stylesheet The stylesheet name. * @return string Sanitized stylesheet. */
    public function _sanitize_stylesheet_callback( $stylesheet ) {
        return urldecode( $stylesheet );
    }

    /** * Checks if a given request has access to read the theme. * * @since 5.0.0 * * @param WP_REST_Request $request Full details about the request. * @return true|WP_Error True if the request has read access for the item, otherwise WP_Error object. */
    public function get_items_permissions_check( $request ) {

function _truncate_post_slug( $slug, $length = 200 ) {
    if ( strlen( $slug ) > $length ) {
        $decoded_slug = urldecode( $slug );
        if ( $decoded_slug === $slug ) {
            $slug = substr( $slug, 0, $length );
        } else {
            $slug = utf8_uri_encode( $decoded_slug, $length, true );
        }
    }

    return rtrim( $slug, '-' );
}

/** * Adds tags to a post. * * @see wp_set_post_tags() * * @since 2.3.0 * * @param int $post_id Optional. The Post ID. Does not default to the ID of the global $post. * @param string|array $tags Optional. An array of tags to set for the post, or a string of tags * separated by commas. Default empty. * @return array|false|WP_Error Array of affected term IDs. WP_Error or false on failure. */

    public function get_cookies() {
        $cookies = array();
        foreach ( $this->response->cookies as $cookie ) {
            $cookies[] = new WP_Http_Cookie(
                array(
                    'name'      => $cookie->name,
                    'value'     => urldecode( $cookie->value ),
                    'expires'   => isset( $cookie->attributes['expires'] ) ? $cookie->attributes['expires'] : null,
                    'path'      => isset( $cookie->attributes['path'] ) ? $cookie->attributes['path'] : null,
                    'domain'    => isset( $cookie->attributes['domain'] ) ? $cookie->attributes['domain'] : null,
                    'host_only' => isset( $cookie->flags['host-only'] ) ? $cookie->flags['host-only'] : null,
                )
            );
        }

        return $cookies;
    }

$expires = null;
        $secure  = false;
        $parts   = explode(';', $cookieStr);

        // If first part does not include '=', fail         if (strpos($parts[0], '=') === false) return false;

        // Get the name and value of the cookie         list($name, $value) = explode('=', trim(array_shift($parts)), 2);
        $name  = trim($name);
        if ($encodeValue) {
            $value = urldecode(trim($value));
        }

        // Set default domain and path         if ($refUri instanceof Zend_Uri_Http) {
            $domain = $refUri->getHost();
            $path = $refUri->getPath();
            $path = substr($path, 0, strrpos($path, '/'));
        }

        // Set other cookie parameters         foreach ($parts as $part) {