PHP replaces spaces with underscores

Question

I have the problem, that PHP replaces all spaces with underscores in POST and GET variables.

For example if I have the URL: http://localhost/proxy.php?user name=Max the browser will convert it to http://localhost/proxy.php?user%20name=Max.

But if I give the $_GET parameters out, the key is not user name but user_name (note the underscore)!

Is there any possibility to change this behaviour?

Answer 1

From the PHP manual:

Dots in incoming variable names

Typically, PHP does not alter the names of variables when they are passed into a script. However, it should be noted that the dot (period, full stop) is not a valid character in a PHP variable name. For the reason, look at it:

<?php $varname.ext;  /* invalid variable name */ ?>

Now, what the parser sees is a variable named $varname, followed by the string concatenation operator, followed by the barestring (i.e. unquoted string which doesn't match any known key or reserved words) 'ext'. Obviously, this doesn't have the intended result.

For this reason, it is important to note that PHP will automatically replace any dots in incoming variable names with underscores.

And a comment on the page:

The full list of field-name characters that PHP converts to _ (underscore) is the following (not just dot):

chr(32) ( ) (space)
chr(46) (.) (dot)
chr(91) ([) (open square bracket)
chr(128) - chr(159) (various)

PHP irreversibly modifies field names containing these characters in an attempt to maintain compatibility with the deprecated register_globals feature.

Answer 2

I think the only possibility to get the wanted parameters, is to parse them on your own using $_SERVER['QUERY_STRING']:

$a_pairs = explode('&', $_SERVER['QUERY_STRING']);
foreach($a_pairs AS $s_pair){
  $a_pair = explode('=', $s_pair);
  if(count($a_pair) == 1) $a_pair[1] = '';

  $a_pair[0] = urldecode($a_pair[0]);
  $a_pair[1] = urldecode($a_pair[1]);

  $GLOBALS['_GET'][$a_pair[0]] = $a_pair[1];
  $_GET[$a_pair[0]] = $a_pair[1];
}