On this page there are many abbreviation / acronym entries: http://abbreviations.wordcrow.com/acronyms/D/ They are generated in PHP: <a href="/define/<?php echo rawurlencode($abbreviation['title'])?>/"> <strong><?php echo $abbreviation['title']?></strong> </a> PHP: I used rawurlencode because many acronyms contain bizarre characters such as #, & and even /. And the URL requests such as: http://abbreviations.wordcrow.com/define/DA&E/ Would first be fed to rawurldecode(): $acronym = rawurldecode('DA%26E'); // $acronym would be 'DA&E'. PHP: And then used in database queries. While DA&E is all right, DA/C is not. Try this URL http://abbreviations.wordcrow.com/define/DA/C/ and you would end up with http://abbreviations.wordcrow.com/define/DA/C/ which is an error page. I can extend more code to recognize /define/DA/C/ but it's just weird and non-sensible. I tried both Chrome and Firefox and they all automatically convert DA%2FC to DA/C. But with DA%26E, they don't. What am I doing wrong? Ain't that / already encoded into '%2F'?? Really weird. Any help would be appreciated!
Do you have any automatic output escaping or something similar. I've seen this when there is something escaping data and the url string gets double escaped.
Thanks, TwineDev. Here's the .htaccess in the /define/ directory: <IfModule mod_rewrite.c> RewriteEngine on RewriteCond %{REQUEST_FILENAME} !-f RewriteCond %{REQUEST_FILENAME} !-d RewriteRule . index.php [L] </IfModule> Code (markup): And in /define/index.php: $req = explode('/', $_SERVER['REQUEST_URI']); $acronym = rawurldecode($req[2]); ... // Database queries with $acronym Code (markup): I tried to add "AllowEncodedSlashes On" in the .htaccess but it didn't work. Any idea?