Save 10% on our Pro WordPress plugins with discount code: 10PERCENT
Web Dev + WordPress + Security

How to Write Valid URL Query String Parameters

When building web pages, it is often necessary to add links that require parameterized query strings. For example, when adding links to the various validation services, you may find yourself linking to an accessibility checker, such as the freely available Cynthia service:

<a href="http://www.contentquality.com/mynewtester/cynthia.exe?Url1=http://domain.tld/&rptmode=2">WCAG Accessibility Check</a>

Another example is seen when linking your feed to a feed validation service:

<a href="http://validator.w3.org/feed/check.cgi?url=http://feeds.feedburner.com/domainfeed">RSS Feed Validation</a>

And one final example showing a more complex query string:

<a href="http://delicious.com/post?url=http://domain.tld/&title=The title of a post">Bookmark at Delicious</a>

As is, however, these links won’t validate due to a number of issues. Let’s fix ‘em up with a few quick-and-easy changes.

Replace ampersands with “&amp;”

One of the reasons these links aren’t validating is because they contain non-encoded ampersand ( & ) characters. Ampersands are often used in URL query strings to demarcate granular chunks of information, for example:

http://domain.tld/function.cgi?url=http://fonzi.com/&name=Fonzi&mood=happy&coat=leather

..which provides several different chunks of information about everybody’s favorite hellion. To get this code to validate, we need to encode the ampersands with &, for example:

http://domain.tld/function.cgi?url=http://fonzi.com/&name=Fonzi&mood=happy&coat=leather

Replacing the ampersand characters with encoded equivalents does not change the functionality of the query string, but it does produce completely valid code.

Encode other special characters

Let’s return to our Delicious example for a moment:

<a href="http://delicious.com/post?url=http://domain.tld/&title=The title of a post">Bookmark at Delicious</a>

The ampersand has been fixed, but this code still won’t validate due to the blank spaces in the title parameter. To fix this, we need to encode those blank spaces with their escaped hexadecimal equivalents, like so:

<a href="http://delicious.com/post?url=http://domain.tld/&title=The%20title%20of%20a%20post">Bookmark at Delicious</a>

..such that

&title=The title of a post

becomes

&title=The%20title%20of%20a%20post

..which is to say that a blank space is equivalent to “%20”.

Likewise, you should also encode any other special characters. For example, here is that previous feed validation link:

<a href="http://validator.w3.org/feed/check.cgi?url=http://feeds.feedburner.com/domainfeed">RSS Feed Validation</a>

If needed, we could encode the special characters in the url parameter like so:

<a href="http://validator.w3.org/feed/check.cgi?url=http%3A%2F%2Ffeeds.feedburner.com%2Fperishablepress">RSS Feed Validation</a>

As you can see, we have made the following replacements:

: with %3A
/ with %2F

As before, the encoded values function just as well as the non-encoded characters, with the added bonus that your code will validate!

Here is a good list of URL character codes

Tips and Tricks

The previous examples demonstrate the logic and technique behind writing valid URL query string parameters, but there are easier, more efficient ways to produce valid, dynamic links. First of all, rather than manually replacing each and every special character with its encoded equivalent, we can use the magical powers of PHP’s urlencode() function.

Let’s take an example from my recent article, Fully Valid, SEO-Friendly Social Media Links for WordPress:

<a href="http://twitter.com/home?status=Currently reading: <?php the_permalink(); ?>">Tweet this!</a>

This example provides a link to enable users to quickly post the URL of your posts to their Twitter feed. As is, the blank spaces in the status parameter render the code invalid. To change this, we use the urlencode() function like:

<a href="http://twitter.com/home?status=<?php echo urlencode("Currently reading: "); ?><?php the_permalink(); ?>">Tweet this!</a>

..which is now completely valid. Using this technique, we can encode any character string dynamically and easily. For WordPress users, we can even use urlencode() to dynamically encode various template tags such as get_the_title(), for example:

<a href="http://delicious.com/post?url=<?php the_permalink(); ?>&title=<?php echo urlencode(get_the_title($id)); ?>">Bookmark at Delicious</a>

This technique makes it possible to include sitewide, post-specific, parameterized links using a single line of code. And best of all? The code is completely valid! Nice :)

Jeff Starr
About the Author
Jeff Starr = Creative thinker. Passionate about free and open Web.
The Tao of WordPress: Master the art of WordPress.

28 responses to “How to Write Valid URL Query String Parameters”

  1. Sorry, here it is.

    param name="FlashVars" value="ver=mk_design&t=orderFromTpl&
    tid=1513&category_id=484&uid=4af4dc0449&sku=484"

  2. Hey Jeff,
    Thanks for getting back to me so quickly. I saw the sample, that the above code came from work on the coders test site, but he never created folders for the parameters, or uploaded content. I think it was more of a take the money and run kind of thing. I can create folders and upload my friends content, i just have no clue what a tid, uid or sku are, etc. I can build wordpress sites all day long, but i’m lost on this kind of thing.
    Thank you very much. I have learned a lot from you site.

  3. Jeff Starr 2011/10/14 9:05 am

    Hey Chaz, generally speaking URL parameters are used by scripting languages such as PHP to keep track of things and enable specific, context-specific functionality.

    So if it were me, I would look at the site files and maybe scan/search for some of the parameter names to get an idea of their purpose.

    Hopefully that helps!

  4. thanks its helpful

Comments are closed for this post. Something to add? Let me know.
Welcome
Perishable Press is operated by Jeff Starr, a professional web developer and book author with two decades of experience. Here you will find posts about web development, WordPress, security, and more »
The Tao of WordPress: Become your own WordPress guru.
Thoughts
Making great strides on my new book. Planned release in December :)
To organize my life, I keep it simple. online: plain text files, offline: sticky notes.
Official list of Googlebot IP addresses.
Lot of 1s in today’s date 20211111.
Working on a new book :)
I enjoy listening to original Star Trek and NG episodes while working online. After a while it feels like I’m working on the ship as part of the crew, going on adventures.
New version (2.6) of my shapeSpace starter theme now available! Always free & open source for everyone :)
Newsletter
Get news, updates, deals & tips via email.
Email kept private. Easy unsubscribe anytime.