You can do web safe encode and decode using this
// encode emailaddress
$email_encoded = rtrim(strtr(base64_encode($email), '+/', '-_'), '=');
// decode email address
$email_decoded = base64_decode(strtr($email_encoded, '-_', '+/'));
It converts the + and / from the base64 alphabet in the more harmless - and _. The encoding step also removes the trailing = characters when needed.