Hi,
I have a php page where I output a list of titles and give the option to delete them. When the user clicks on delete, I call the following JavaScript function:
function deleteitem(title) {
if (confirm("Are you sure you want to delete '" + title +"'"))
{
window.location.href = 'outputadmin.php?del=' + title;
}
}
If the user confirms, then the title is deleted from the database. Everything works as long as I don't have a title that contains the '%' (percent) character followed by 2 hexnumbers. For example, if I have the following title: 'John%26', then in the alert window I will have the following message: "Are you sure you want to delete 'John&'
As you can see, the special character %26 is already interpreted by the JavaScript function, although I'm still on the same page on the client side. After I confirm my wish to delete, the following url will be sent: outputadmin.php?del=John&
Of course, there's no such title as John& in my database, rather John%20, so nothing really gets deleted.
Any thoughts are welcome.
Thank you very much.
Best,
Mike
