473,549 Members | 2,982 Online
Bytes | Software Development & Data Engineering Community
+ Post

Home Posts Topics Members FAQ

PHP/Mysql/special characters problem

Hi all,

I have an issue with php and/or mysql. I have a php form that writes "items"
to a mysql database, including a description of the item. On the mysql
server, "magic_quotes_g pc" is ON.

I am testing it now by putting special characters in the description field,
this is what I am entering:

O'Leary "special edition"

Now, this item data always gets written to the db just fine and shows up in
the db as entered. Seems correct and working just fine up to this point.

My problem is with my "edit item" page. This page allows users to update
items, including the mentioned "descriptio n" field. But when the data is
called back up from the db to display in the "edit item" page and the
description contains double quotes, the description is cut off, and only
shows:

O'Leary

Here is the code (snippet of the important stuff and numbered) on the "edit
item" page:

1. $result = mysql_query("se lect * from inven where product =
'$product'");
2. $row = mysql_fetch_arr ay($result);
3. echo "Descriptio n is: $row[description]";
4. echo "<table width=80% border=1 cellpadding=4 cellspacing=0>" ;
5. ?>
6. <tr><td>Produ ct #:</td><td><input type=text name=product value="<?echo
$row[product]?>"></td></tr>
7. <tr><td>Descrip tion:</td><td><input type=text name=descriptio n
value="<?echo $row[description]?>" size=50></td></tr>
8.
9. <?
10. echo "</table>";
11. echo "<br><br><i nput type=submit name=Update value=Update>";
12. ?>

The important line of code here is line 6, where the value of description
should show. The real value of description that is in the database should be
showing up here, but it is cut off if it contains double quotes. Note also
that the full value (double quotes and all) of description can be seen in
the echo statement at line 3. I'm stumped.

To sum up this problem, data appears to get written to the db just fine. The
"edit item" page is brought up, but the description - if it contains special
characters, is cut off, apparently where there are double quotes. If I go
ahead and update the item, the new value in the db is now cut off and not
what I want.

Any ideas? Thanks in advance.

Mosher
Jul 17 '05 #1
12 28563
Mosher wrote:
6. <tr><td>Produ ct #:</td><td><input type=text name=product value="<?echo
$row[product]?>"></td></tr> The important line of code here is line 6, where the value of description
should show. The real value of description that is in the database should be
showing up here, but it is cut off if it contains double quotes. Note also
that the full value (double quotes and all) of description can be seen in
the echo statement at line 3. I'm stumped.


The quotes are there :)
view the source!

This is a HTML problem: you're trying to output HTML similar to
<input value="John "Q" Smith">
and the browser doesn't know how to interpret it

Try html_entities()
<form ...>
<!-- ... -->

<input value="<?php echo html_entites($r ow['product'], ENT_QUOTES); ?>"/>

<!-- ... -->
</form>
http://www.php.net/html_entites
--
--= my mail box only accepts =--
--= Content-Type: text/plain =--
--= Size below 10001 bytes =--
Jul 17 '05 #2
I (Pedro Graca) mis-wrote:
http://www.php.net/html_entites


Sorry, that should have been
http://www.php.net/html_entities
--
--= my mail box only accepts =--
--= Content-Type: text/plain =--
--= Size below 10001 bytes =--
Jul 17 '05 #3
Pedro - thanks so much! That helped and I can now view the full double
quoted data.

However, when I try to "update" the information into the db, the
single/double quoted stuff doesn't get written to the db. I tried an
html_entity_dec ode function, but that only writes single quotes to the db,
not double. Here is my decode code that I put in the same code that you
commented on previously:

<input type=hidden name=descriptio n value="<?echo
html_entity_dec ode($row[description])?>">

It's my understanding that we need to decode the html_entities data before
writing to db, right? Any ideas how I could get the whole string, single and
double quotes included, written into the db?

Thanks again,

Mosher

"Pedro Graca" <he****@hotpop. com> wrote in message
news:bs******** ****@ID-203069.news.uni-berlin.de...
Mosher wrote:
6. <tr><td>Produ ct #:</td><td><input type=text name=product value="<?echo $row[product]?>"></td></tr>

The important line of code here is line 6, where the value of description should show. The real value of description that is in the database should be showing up here, but it is cut off if it contains double quotes. Note also that the full value (double quotes and all) of description can be seen in the echo statement at line 3. I'm stumped.


The quotes are there :)
view the source!

This is a HTML problem: you're trying to output HTML similar to
<input value="John "Q" Smith">
and the browser doesn't know how to interpret it

Try html_entities()
<form ...>
<!-- ... -->

<input value="<?php echo html_entites($r ow['product'], ENT_QUOTES); ?>"/>

<!-- ... -->
</form>
http://www.php.net/html_entites
--
--= my mail box only accepts =--
--= Content-Type: text/plain =--
--= Size below 10001 bytes =--

Jul 17 '05 #4
Mosher wrote:
Pedro - thanks so much! That helped and I can now view the full double
quoted data.

However, when I try to "update" the information into the db, the
single/double quoted stuff doesn't get written to the db. I tried an
html_entity_dec ode function, but that only writes single quotes to
the db, not double. Here is my decode code that I put in the same
code that you commented on previously:

<input type=hidden name=descriptio n value="<?echo
html_entity_dec ode($row[description])?>">

It's my understanding that we need to decode the html_entities data
before writing to db, right? Any ideas how I could get the whole
string, single and double quotes included, written into the db?

Thanks again,

Mosher


NO... you do not need to decode anything before flushing it to the db. All
you need to do is shove it in (being sure to call something like
mysql_escape_st ring first, obviously)
Jul 17 '05 #5
Mosher wrote:
It's my understanding that we need to decode the html_entities data before
writing to db, right? Any ideas how I could get the whole string, single and
double quotes included, written into the db?


From DB to browser
htmlentities()

From browser to DB
mysql_escape_st ring()

But beware of magic quotes (I don't have them on)
--
--= my mail box only accepts =--
--= Content-Type: text/plain =--
--= Size below 10001 bytes =--
Jul 17 '05 #6
Pedro Graca wrote:
Mosher wrote:
It's my understanding that we need to decode the html_entities data
before writing to db, right? Any ideas how I could get the whole
string, single and double quotes included, written into the db?


From DB to browser
htmlentities()

From browser to DB
mysql_escape_st ring()

But beware of magic quotes (I don't have them on)


you will likely want to do something like
$string = get_magic_quote s_gpc() ?
mysql_escape_st ring(stripslash es($string)) : mysql_escape_st ring($string);
Jul 17 '05 #7
Guys,

I tried to use the mysql_escape_st ring($descripti on), but it didn't work.
When I enter this string from the description field:

O'Leary "special"

....it sends this to the db:

O\\\'Leary \\

....and because magic quotes in on, this is what actually got written to the
db:

O\'Leary \

Also, any information that comes after the description field has now
dissapeared. I am in "special character" hell! Help!!! Remember that
magic_quotes_gp c is 'ON'.

Thanks,

Mosher

"Agelmar" <if**********@c omcast.net> wrote in message
news:bt******** ****@ID-30799.news.uni-berlin.de...
Pedro Graca wrote:
Mosher wrote:
It's my understanding that we need to decode the html_entities data
before writing to db, right? Any ideas how I could get the whole
string, single and double quotes included, written into the db?


From DB to browser
htmlentities()

From browser to DB
mysql_escape_st ring()

But beware of magic quotes (I don't have them on)


you will likely want to do something like
$string = get_magic_quote s_gpc() ?
mysql_escape_st ring(stripslash es($string)) : mysql_escape_st ring($string);

Jul 17 '05 #8
"Mosher" <mo***********@ yahoo.com> wrote in
news:fY******** ************@co mcast.com (in part):
Guys,

I tried to use the mysql_escape_st ring($descripti on), but it didn't
work. When I enter this string from the description field:

O'Leary "special"

...it sends this to the db:


I've come in late, but you may want to try:

From the form to DB: urlencode(strip slashes($string ))
From the DB to the display: urldecode($db_s tring)

Ken Robinson
Jul 17 '05 #9
Hi Ken,

Thanks for this, but it did not work. Once again (prior to your code), the
data gets written to the db just fine, quotes and all. But when I call it
back up to edit it, that is where the problem is. First, the field data:

O'Leary "special"

....only displayed O'Leary when called back up. I then was able to get around
that by the following line of code:

<input type=text name=descriptio n value="<? echo
htmlentities($r ow[description])?>">

This did display the full data above with quotes, etc. But when I look in
the actual source code of the webpage being displayed, it shows:

O'Leary&quot;sp ecial&quot;

....in the field and when I try to write to db, it only writes:

O'Leary

Any other ideas?

Thanks,

Mosher

"Ken Robinson" <se**********@r bnsn.com> wrote in message
news:45******** *************** *******@news.te ranews.com...
"Mosher" <mo***********@ yahoo.com> wrote in
news:fY******** ************@co mcast.com (in part):
Guys,

I tried to use the mysql_escape_st ring($descripti on), but it didn't
work. When I enter this string from the description field:

O'Leary "special"

...it sends this to the db:


I've come in late, but you may want to try:

From the form to DB: urlencode(strip slashes($string ))
From the DB to the display: urldecode($db_s tring)

Ken Robinson

Jul 17 '05 #10

This thread has been closed and replies have been disabled. Please start a new discussion.

Similar topics
2
1163
PHP/Mysql/special characters problem
by: Olaf Kliemt | last post by:
problem was single and double quotes. headline is a form input field type text. before writing to the DB i use : $headline = mysql_escape_string(stripslashes($headline)); displaying again in a form to modify the entry : <input type="text" name="headline" value="<? echo htmlentities($data) ?>" size="50" maxlength="50">
PHP
3
9435
hyperlink for e-mail id ...mailto with special characters ...problem
by: Krishna A.M | last post by:
Hi, How do i add a hyperlink to a email id having special characters? I tried the same , say mailto : test_&_send@hoohoo.com IN the to box i can see only till test_ and the rest is omitted. Any ideas how the tags could be bypassed? Though i am not a web page designer, I tried &amp; but with no luck. Any help would be highly...
HTML / CSS
2
2627
German special characters Problem
by: Amin Schoeib | last post by:
Hi, Can somebody tell me why german special characters like 'ü' or 'ä' willbe changed To '?' when retrieving data from postgres with Java (JDBC). When I select the data under Postgres everything is ok. The problem occurs when I select the data with Java. ??? Hope somebody can helps. Thanxx
PostgreSQL Database
1
1236
Special Characters problem
by: Danno | last post by:
I have a file which contains special characters that equate to a hex 00 (0x00). When I read each line into a string, I need to replace the hex 00 characters in the string with a space. What's the easiest way (or any for that matter) to accomplish this task. Thanks. I've been wracking my brain all day on this.
C# / C Sharp
5
8604
File path (contains special characters) problem when passing as input to API function.
by: Sakharam Phapale | last post by:
Hi All, I am using an API function, which takes file path as an input. When file path contains special characters (@,#,$,%,&,^, etc), API function gives an error as "Unable to open input file". Same file path containing special characters works fine in one machine, but doesn't work in other. I am using following API function to get short...
Visual Basic .NET
7
7055
Special characters problem
by: petedawn | last post by:
hi guys, based on users button press i am passing the following to my javascript function, test('&eacute;'). and within my javascript i have this function test(x) which processes this input. now i am comparing this input using this, if ((x == "&eacute;")) { alert ('eacute clicked') }, but i am unable to capture this for some reason....
Javascript
2
3336
Special characters problem in with Prototype Ajax
by: diverge | last post by:
Hi, i'm working on an ASP project with prototype.js but i just can't get special chars to work as they should. I'm using UTF-8 pages but as soon as i call a page containing for example å,ä,ö, < or it's replaced with a questionmark. I call the pages using new Ajax.Updater(target, page, {asynchronous:true, evalScripts:true}); Any ideas?
Javascript
0
7518
marktang
What is ONU?
by: marktang | last post by:
ONU (Optical Network Unit) is one of the key components for providing high-speed Internet services. Its primary function is to act as an endpoint device located at the user's premises. However, people are often confused as to whether an ONU can Work As a Router. In this blog post, we’ll explore What is ONU, What Is Router, ONU & Router’s main...
General
0
7446
Changing the language in Windows 10
by: Hystou | last post by:
Most computers default to English, but sometimes we require a different language, especially when relocating. Forgot to request a specific language before your computer shipped? No problem! You can effortlessly switch the default language on Windows 10 without reinstalling. I'll walk you through it. First, let's disable language...
Windows Server
0
7956
jinu1996
Maximizing Business Potential: The Nexus of Website Design and Digital Marketing
by: jinu1996 | last post by:
In today's digital age, having a compelling online presence is paramount for businesses aiming to thrive in a competitive landscape. At the heart of this digital strategy lies an intricately woven tapestry of website design and digital marketing. It's not merely about having a website; it's about crafting an immersive digital experience that...
Online Marketing
1
5368
isladogs
Access Europe - Using VBA to create a class based on a table - Wed 1 May
by: isladogs | last post by:
The next Access Europe User Group meeting will be on Wednesday 1 May 2024 starting at 18:00 UK time (6PM UTC+1) and finishing by 19:30 (7.30PM). In this session, we are pleased to welcome a new presenter, Adolph Dupré who will be discussing some powerful techniques for using class modules. He will explain when you may want to use classes...
Microsoft Access / VBA
0
5087
Couldn’t get equations in html when convert word .docx file to html file in C#.
by: conductexam | last post by:
I have .net C# application in which I am extracting data from word file and save it in database particularly. To store word all data as it is I am converting the whole word file firstly in HTML and then checking html paragraph one by one. At the time of converting from word file to html my equations which are in the word document file was convert...
C# / C Sharp
0
3498
Trying to create a lan-to-lan vpn between two differents networks
by: TSSRALBI | last post by:
Hello I'm a network technician in training and I need your help. I am currently learning how to create and manage the different types of VPNs and I have a question about LAN-to-LAN VPNs. The last exercise I practiced was to create a LAN-to-LAN VPN between two Pfsense firewalls, by using IPSEC protocols. I succeeded, with both firewalls in...
Networking - Hardware / Configuration
0
3480
Windows Forms - .Net 8.0
by: adsilva | last post by:
A Windows Forms form does not have the event Unload, like VB6. What one acts like?
Visual Basic .NET
1
1935
transfer the data from one system to another through ip address
by: 6302768590 | last post by:
Hai team i want code for transfer the data from one system to another through IP address by using C# our system has to for every 5mins then we have to update the data what the data is updated we have to send another system
C# / C Sharp
1
1057
muto222
How to add payments to a PHP MySQL app.
by: muto222 | last post by:
How can i add a mobile payment intergratation into php mysql website.
PHP

By using Bytes.com and it's services, you agree to our Privacy Policy and Terms of Use.

To disable or enable advertisements and analytics tracking please visit the manage ads & tracking page.

BYTES.COM © 2024
About Bytes
Terms Of Use
Privacy Policy
Sitemap
Advertise on Bytes
How to Post and Respond on Bytes
How to Promote and Link on Bytes
How to increase your Ranking on Bytes
Become a Recognized Expert on Bytes
Feedback Welcomed! Contact Us