Home/ Questions/Q 1078133
In Process

The Archive Base Latest Questions

Editorial Team
  • 0
Asked: 2026-05-16T21:40:44+00:00

I think I have a URL encoding issue. I need to open a window

  • 0

I think I have a URL encoding issue. I need to open a window using Javascript and pass a SQL Select query to it. So I have done this:

window.open('view_query.php?sql_query=' + query + '&db_name=' + db_name);

This has worked for me, but I have a query that breaks this:

SELECT a FROM table WHERE field like '%adhoc%'

Now when the new window opens and I print the query received from the URL GET variable it looks like this:

SELECT a FROM table WHERE field like '�hoc%'

Notice the bit %ad has turned into an unrecognised character! Why?

I have tried solving this with URL encoding but since I need the % symbol I can’t use many URL encoders since they will turn this into something else?!

Thanks all for any help.

Share

Leave an answer

You must login to add an answer.

Need An Account,

1 Answer

  1. Editorial Team

    The % character is used to encode characters in an URL using a character code. The sequence %ad means the character with the hexadecimal character code 0xAD, or decimal 173.

    Use the encodeURIComponent function to escape values for the URL:

    window.open('view_query.php?sql_query=' + encodeURIComponent(query) + '&db_name=' + encodeURIComponent(db_name));

    Just to make sure that you (and anyone reading this) are aware of it, let me also point out the risks of sending SQL code via the browser. Anyone using the system could send anything as a query, including for example drop table.

    • 0