Exactly what I was going to mention, Brad. Here's some more info. Quoted from PHP manual for urlencode(): "Returns a string in which all non-alphanumeric characters except -_. have been replaced with a percent (%) sign followed by two hex digits and spaces encoded as plus (+) signs. It is encoded the same way that the posted data from a WWW form is encoded, that is the same way as in application/x-www-form-urlencoded media type. This differs from the RFC1738 encoding (see rawurlencode()) in that for historical reasons, spaces are encoded as plus (+) signs." Try this: $space = " "; echo "Urlencoded: " . urlencode($space) . "<br>\n"; echo "Rawurlencoded: " . rawurlencode($space) . "<br>\n"; And you get: Urlencoded: + Rawurlencoded: %20 If the only issue the OP is having is that the spaces are being transformed from + to <space> then maybe just do a urlencode($_COOKIE['AUTH']) and try doing the base64 decode off of that. This assumes that urlencode() Doesn't mangle other data in the cookie data. Or a string replace " " to "+". Kind of a non-technical answer, so maybe there's a better way to do this. Maybe a setting in apache or PHP. Don't really have time to research it right now, just wanted to point out the urlencode() and rawurlencode() info. PHP manual pages here: http://us3.php.net/manual/en/function.urlencode.php http://us2.php.net/manual/en/function.rawurlencode.php -TG = = = Original message = = = > -----Original Message----- > From: Fletcher Mattox [mailto:fletcher@xxxxxxxxxxxxx] > Sent: Wednesday, February 07, 2007 2:49 PM > To: php-general@xxxxxxxxxxxxx > Subject: Re: base64-encoding in cookies? > > I wrote: > > > A campus web server (not under my control) returns an authentication > > string in a cookie named AUTH. The cookie's value is an encrypted, > > base64 encoded string. Unfortunately, when I examine $_COOKIE['AUTH'], > > it is clear that all of the '+' characters have been replaced with a ' ' > > character in the base64 string. Why is this? Obviously, this corrupts > > the data and makes it impossible to base64-decode the string correctly. > > I believe this is a php issue and not, say, an apache issue because a > > perl program can correctly authenticate the same cookie based on perl's > > $ENV'HTTP_COOKIE'. i.e., the perl cookie contains the original '+'. > > Does anyone know how to make php (v5.1.5) do the right thing with base64 > > encoded cookies? > > This problem seems to be > > ~http://bugs.php.net/bug.php?id=35523 > > where it was dismissed as "Bogus" without any explanation why. It seems > that '+' characters are intentionally converted to spaces in all cookies. > This makes no sense to me. Can someone explain it? > > Thanks, > Fletcher > > -- > PHP General Mailing List (http://www.php.net/) > To unsubscribe, visit: http://www.php.net/unsub.php > Could it have something to do with url encoding? For example: http://example.com/page.php?foo=ABC+123 echo $_GET['foo']; // should produce: ABC 123 http://example.com/page.php?foo=ABC%2B123 echo $_GET['foo']; // should produce: ABC+123 HTH, Brad -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php ___________________________________________________________ Sent by ePrompter, the premier email notification software. Free download at http://www.ePrompter.com. -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
