Hello, I have some code that converts a given password and salt to an md5 hash, as part of a login system of a bigger project that I have been working on.


This is the problem. The password salts are randomly generated, and sometimes they contain special characters. notably the forward slash.

this is my php code:

Code:
<?php
$password = $_GET['p'];
$salt = $_GET['s'];
 $finished = "no value inputted";
 
  $password = md5($password);
  $finished = md5($password.$salt);

                print($finished);	

    ?>

It works perfectly, so I just visit


www.website.com/md5.php?p=password123&s=d4d


BUT if the salt includes a forward slash or an ampersand etc, it obviously ends up making the url look like this:

www.website.com/md5.php?p=password123&s=d/d

www.website.com/md5.php?p=password123&s=d&d


which oibviously messes it all up.


how can I make it so that the php script accepts special characters such as the forward slash without the browser automatically thinking it's a new folder?


I want to be able to input the password salt even with special characters.

I dunno if you can put it in '' quotes or not? hmm

a little help would be appreciated please!