Hi all,
I have an issue with php and/or mysql. I have a php form that writes "items"
to a mysql database, including a description of the item. On the mysql
server, "magic_quotes_g pc" is ON.
I am testing it now by putting special characters in the description field,
this is what I am entering:
O'Leary "special edition"
Now, this item data always gets written to the db just fine and shows up in
the db as entered. Seems correct and working just fine up to this point.
My problem is with my "edit item" page. This page allows users to update
items, including the mentioned "descriptio n" field. But when the data is
called back up from the db to display in the "edit item" page and the
description contains double quotes, the description is cut off, and only
shows:
O'Leary
Here is the code (snippet of the important stuff and numbered) on the "edit
item" page:
1. $result = mysql_query("se lect * from inven where product =
'$product'");
2. $row = mysql_fetch_arr ay($result);
3. echo "Descriptio n is: $row[description]";
4. echo "<table width=80% border=1 cellpadding=4 cellspacing=0>" ;
5. ?>
6. <tr><td>Produ ct #:</td><td><input type=text name=product value="<?echo
$row[product]?>"></td></tr>
7. <tr><td>Descrip tion:</td><td><input type=text name=descriptio n
value="<?echo $row[description]?>" size=50></td></tr>
8.
9. <?
10. echo "</table>";
11. echo "<br><br><i nput type=submit name=Update value=Update>";
12. ?>
The important line of code here is line 6, where the value of description
should show. The real value of description that is in the database should be
showing up here, but it is cut off if it contains double quotes. Note also
that the full value (double quotes and all) of description can be seen in
the echo statement at line 3. I'm stumped.
To sum up this problem, data appears to get written to the db just fine. The
"edit item" page is brought up, but the description - if it contains special
characters, is cut off, apparently where there are double quotes. If I go
ahead and update the item, the new value in the db is now cut off and not
what I want.
Any ideas? Thanks in advance.
Mosher 12 28563
Mosher wrote: 6. <tr><td>Produ ct #:</td><td><input type=text name=product value="<?echo $row[product]?>"></td></tr>
The important line of code here is line 6, where the value of description should show. The real value of description that is in the database should be showing up here, but it is cut off if it contains double quotes. Note also that the full value (double quotes and all) of description can be seen in the echo statement at line 3. I'm stumped.
The quotes are there :)
view the source!
This is a HTML problem: you're trying to output HTML similar to
<input value="John "Q" Smith">
and the browser doesn't know how to interpret it
Try html_entities()
<form ...>
<!-- ... -->
<input value="<?php echo html_entites($r ow['product'], ENT_QUOTES); ?>"/>
<!-- ... -->
</form> http://www.php.net/html_entites
--
--= my mail box only accepts =--
--= Content-Type: text/plain =--
--= Size below 10001 bytes =--
Pedro - thanks so much! That helped and I can now view the full double
quoted data.
However, when I try to "update" the information into the db, the
single/double quoted stuff doesn't get written to the db. I tried an
html_entity_dec ode function, but that only writes single quotes to the db,
not double. Here is my decode code that I put in the same code that you
commented on previously:
<input type=hidden name=descriptio n value="<?echo
html_entity_dec ode($row[description])?>">
It's my understanding that we need to decode the html_entities data before
writing to db, right? Any ideas how I could get the whole string, single and
double quotes included, written into the db?
Thanks again,
Mosher
"Pedro Graca" <he****@hotpop. com> wrote in message
news:bs******** ****@ID-203069.news.uni-berlin.de... Mosher wrote: 6. <tr><td>Produ ct #:</td><td><input type=text name=product
value="<?echo $row[product]?>"></td></tr>
The important line of code here is line 6, where the value of
description should show. The real value of description that is in the database
should be showing up here, but it is cut off if it contains double quotes. Note
also that the full value (double quotes and all) of description can be seen
in the echo statement at line 3. I'm stumped.
The quotes are there :) view the source!
This is a HTML problem: you're trying to output HTML similar to <input value="John "Q" Smith"> and the browser doesn't know how to interpret it
Try html_entities() <form ...> <!-- ... -->
<input value="<?php echo html_entites($r ow['product'], ENT_QUOTES); ?>"/>
<!-- ... --> </form> http://www.php.net/html_entites -- --= my mail box only accepts =-- --= Content-Type: text/plain =-- --= Size below 10001 bytes =--
Mosher wrote: Pedro - thanks so much! That helped and I can now view the full double quoted data.
However, when I try to "update" the information into the db, the single/double quoted stuff doesn't get written to the db. I tried an html_entity_dec ode function, but that only writes single quotes to the db, not double. Here is my decode code that I put in the same code that you commented on previously:
<input type=hidden name=descriptio n value="<?echo html_entity_dec ode($row[description])?>">
It's my understanding that we need to decode the html_entities data before writing to db, right? Any ideas how I could get the whole string, single and double quotes included, written into the db?
Thanks again,
Mosher
NO... you do not need to decode anything before flushing it to the db. All
you need to do is shove it in (being sure to call something like
mysql_escape_st ring first, obviously)
Mosher wrote: It's my understanding that we need to decode the html_entities data before writing to db, right? Any ideas how I could get the whole string, single and double quotes included, written into the db?
From DB to browser
htmlentities()
From browser to DB
mysql_escape_st ring()
But beware of magic quotes (I don't have them on)
--
--= my mail box only accepts =--
--= Content-Type: text/plain =--
--= Size below 10001 bytes =--
Pedro Graca wrote: Mosher wrote: It's my understanding that we need to decode the html_entities data before writing to db, right? Any ideas how I could get the whole string, single and double quotes included, written into the db?
From DB to browser htmlentities()
From browser to DB mysql_escape_st ring()
But beware of magic quotes (I don't have them on)
you will likely want to do something like
$string = get_magic_quote s_gpc() ?
mysql_escape_st ring(stripslash es($string)) : mysql_escape_st ring($string);
Guys,
I tried to use the mysql_escape_st ring($descripti on), but it didn't work.
When I enter this string from the description field:
O'Leary "special"
....it sends this to the db:
O\\\'Leary \\
....and because magic quotes in on, this is what actually got written to the
db:
O\'Leary \
Also, any information that comes after the description field has now
dissapeared. I am in "special character" hell! Help!!! Remember that
magic_quotes_gp c is 'ON'.
Thanks,
Mosher
"Agelmar" <if**********@c omcast.net> wrote in message
news:bt******** ****@ID-30799.news.uni-berlin.de... Pedro Graca wrote: Mosher wrote: It's my understanding that we need to decode the html_entities data before writing to db, right? Any ideas how I could get the whole string, single and double quotes included, written into the db?
From DB to browser htmlentities()
From browser to DB mysql_escape_st ring()
But beware of magic quotes (I don't have them on)
you will likely want to do something like $string = get_magic_quote s_gpc() ? mysql_escape_st ring(stripslash es($string)) : mysql_escape_st ring($string);
"Mosher" <mo***********@ yahoo.com> wrote in
news:fY******** ************@co mcast.com (in part): Guys,
I tried to use the mysql_escape_st ring($descripti on), but it didn't work. When I enter this string from the description field:
O'Leary "special"
...it sends this to the db:
I've come in late, but you may want to try:
From the form to DB: urlencode(strip slashes($string ))
From the DB to the display: urldecode($db_s tring)
Ken Robinson
Hi Ken,
Thanks for this, but it did not work. Once again (prior to your code), the
data gets written to the db just fine, quotes and all. But when I call it
back up to edit it, that is where the problem is. First, the field data:
O'Leary "special"
....only displayed O'Leary when called back up. I then was able to get around
that by the following line of code:
<input type=text name=descriptio n value="<? echo
htmlentities($r ow[description])?>">
This did display the full data above with quotes, etc. But when I look in
the actual source code of the webpage being displayed, it shows:
O'Leary"sp ecial"
....in the field and when I try to write to db, it only writes:
O'Leary
Any other ideas?
Thanks,
Mosher
"Ken Robinson" <se**********@r bnsn.com> wrote in message
news:45******** *************** *******@news.te ranews.com... "Mosher" <mo***********@ yahoo.com> wrote in news:fY******** ************@co mcast.com (in part):
Guys,
I tried to use the mysql_escape_st ring($descripti on), but it didn't work. When I enter this string from the description field:
O'Leary "special"
...it sends this to the db:
I've come in late, but you may want to try:
From the form to DB: urlencode(strip slashes($string )) From the DB to the display: urldecode($db_s tring)
Ken Robinson This thread has been closed and replies have been disabled. Please start a new discussion. Similar topics |
by: Olaf Kliemt |
last post by:
problem was single and double quotes.
headline is a form input field type text.
before writing to the DB i use :
$headline = mysql_escape_string(stripslashes($headline));
displaying again in a form to modify the entry :
<input type="text" name="headline" value="<? echo
htmlentities($data) ?>" size="50" maxlength="50">
|
by: Krishna A.M |
last post by:
Hi,
How do i add a hyperlink to a email id having special characters?
I tried the same , say mailto : test_&_send@hoohoo.com
IN the to box i can see only till test_ and the rest is omitted.
Any ideas how the tags could be bypassed?
Though i am not a web page designer, I tried & but with no luck.
Any help would be highly...
|
by: Amin Schoeib |
last post by:
Hi,
Can somebody tell me why german special characters like 'ü' or 'ä' willbe changed
To '?' when retrieving data from postgres with Java (JDBC). When I select the data under
Postgres everything is ok. The problem occurs when I select the data with Java.
???
Hope somebody can helps.
Thanxx
|
by: Danno |
last post by:
I have a file which contains special characters that equate to a hex 00
(0x00).
When I read each line into a string, I need to replace the hex 00 characters
in the string with a space.
What's the easiest way (or any for that matter) to accomplish this task.
Thanks. I've been wracking my brain all day on this.
|
by: Sakharam Phapale |
last post by:
Hi All,
I am using an API function, which takes file path as an input.
When file path contains special characters (@,#,$,%,&,^, etc), API function
gives an error as "Unable to open input file".
Same file path containing special characters works fine in one machine, but
doesn't work in other.
I am using following API function to get short...
| |
by: petedawn |
last post by:
hi guys,
based on users button press i am passing the following to my javascript
function, test('é'). and within my javascript i have this
function test(x) which processes this input.
now i am comparing this input using this, if ((x == "é")) {
alert ('eacute clicked') }, but i am unable to capture this for some
reason....
|
by: diverge |
last post by:
Hi, i'm working on an ASP project with prototype.js but i just can't
get special chars to work as they should.
I'm using UTF-8 pages but as soon as i call a page containing for
example å,ä,ö, < or it's replaced with a questionmark.
I call the pages using
new Ajax.Updater(target, page, {asynchronous:true, evalScripts:true});
Any ideas?
|
by: marktang |
last post by:
ONU (Optical Network Unit) is one of the key components for providing high-speed Internet services. Its primary function is to act as an endpoint device located at the user's premises. However, people are often confused as to whether an ONU can Work As a Router. In this blog post, we’ll explore What is ONU, What Is Router, ONU & Router’s main...
|
by: Hystou |
last post by:
Most computers default to English, but sometimes we require a different language, especially when relocating. Forgot to request a specific language before your computer shipped? No problem! You can effortlessly switch the default language on Windows 10 without reinstalling. I'll walk you through it.
First, let's disable language...
|
by: jinu1996 |
last post by:
In today's digital age, having a compelling online presence is paramount for businesses aiming to thrive in a competitive landscape. At the heart of this digital strategy lies an intricately woven tapestry of website design and digital marketing. It's not merely about having a website; it's about crafting an immersive digital experience that...
|
by: isladogs |
last post by:
The next Access Europe User Group meeting will be on Wednesday 1 May 2024 starting at 18:00 UK time (6PM UTC+1) and finishing by 19:30 (7.30PM).
In this session, we are pleased to welcome a new presenter, Adolph Dupré who will be discussing some powerful techniques for using class modules.
He will explain when you may want to use classes...
| |
by: conductexam |
last post by:
I have .net C# application in which I am extracting data from word file and save it in database particularly. To store word all data as it is I am converting the whole word file firstly in HTML and then checking html paragraph one by one.
At the time of converting from word file to html my equations which are in the word document file was convert...
|
by: TSSRALBI |
last post by:
Hello
I'm a network technician in training and I need your help.
I am currently learning how to create and manage the different types of VPNs and I have a question about LAN-to-LAN VPNs.
The last exercise I practiced was to create a LAN-to-LAN VPN between two Pfsense firewalls, by using IPSEC protocols.
I succeeded, with both firewalls in...
|
by: adsilva |
last post by:
A Windows Forms form does not have the event Unload, like VB6. What one acts like?
|
by: 6302768590 |
last post by:
Hai team
i want code for transfer the data from one system to another through IP address by using C# our system has to for every 5mins then we have to update the data what the data is updated we have to send another system
|
by: muto222 |
last post by:
How can i add a mobile payment intergratation into php mysql website.
| |