& is the reserved character in the HTTP and URI URLs (usually called a link or hypertext link). This & is the exact point that will define the new $_GET entry. Therefore, it will no longer separate from the previous $_GET entry. The previous one is the one you would like to use. So actually & inside the category is causing your headaches:
URL: http://example.com/script.php?hello=world&foo=bar ^ ^^^ PHP: $_GET['hello'] // "world" $_GET['foo'] // "bar"
So, just remember: in the URL, the & character separates one URL parameter from another.
But this does not mean that your problem is not resolved. You can pass values containing the & character through the URL parameter. There is a very simple way to get & characters into a specific $_GET value.
Packing Values for the Internet Round
But be careful: you can look right now at the input level (this is the part where the data goes into $_GET and other variables) of your application. But to solve this, you need to look at the opposite - at the output level (at which you send HTML).
Why? Because the output will become the input of your script. So, if the output is already wrong, the input can never be ready for use.
Note that each URL that your application sends to the browser (for example, as part of the <a href=""> HTML link) is a new command with specific parameters for your script variables $_GET . Technically, this part is known as query or as part of the queryinfo URI / URL.
So, if the URL is already created in such a way that it will create the wrong $_GET parameters for your script, it is already too late. So, you look at the way out to fix the original cause.
So instead, you need to look at the place where you are creating the URL, and draw the correct conclusion already there, in order to get $_GET['category'] later.
At each link output, you must ensure that each value is correctly encoded . This is a magic word that contains a solution to your problem. A term that you look better in the dictionary than in the technical documentation.
The encoding type for the values needed for the $_GET parameters — the so-called URL encoding — for URLs — makes sense, right? URL, encoding = URL encoding.
Encoding values for URLs actually ensures that the parameter value is accessible in your script again safely, as opposed to breaking values, and ultimately technically destroys the URL even.
The sounds are probably a little complicated, but the good news is that you first need to know that PHP, as a web scripting language, offers a function that performs this encoding for you. It is called urlencode() , and you can use it for any value to create your URLs. This is actually a fairly common task in a web application, so if you only knew before, but until then, do you see any code, right?
PHP Encoding URL Parameters
I have to guess how it looks at your end, but you can also add your code to your question (output code) so that it is easier for you to give you some code that you can “just” use. Let's say you have something similar to display a link:
<a href="index.php?category=<?php echo $category ?>">
This displays the contents of $category just as it is. But this leads to incorrect URLs that break your script.
Thus, the value of $category must be encoded. It is like putting it in an envelope to make sure that it reaches the goal as a whole. Let me do this with the urlencode function that I just mentioned:
<a href="index.php?category=<?php echo urlencode($category) ?>">
As you can see, simply by inserting a value into the urlencode function, you need to encode the data correctly. Ready to achieve the goal, nothing can break it.
As always: It's easy when you know how to do it. URLs must be properly spelled and, especially, parameter values must be correctly encoded to prevent problems with work at the opposite end: input level.
Good luck with your term.