473,383 Members | 1,748 Online
Bytes | Software Development & Data Engineering Community
Post Job

Home Posts Topics Members FAQ

home > topics > php > questions > php/mysql/special characters problem

Join Bytes to post your question to a community of 473,383 software developers and data experts.

PHP/Mysql/special characters problem

Hi all,

I have an issue with php and/or mysql. I have a php form that writes "items"
to a mysql database, including a description of the item. On the mysql
server, "magic_quotes_gpc" is ON.

I am testing it now by putting special characters in the description field,
this is what I am entering:

O'Leary "special edition"

Now, this item data always gets written to the db just fine and shows up in
the db as entered. Seems correct and working just fine up to this point.

My problem is with my "edit item" page. This page allows users to update
items, including the mentioned "description" field. But when the data is
called back up from the db to display in the "edit item" page and the
description contains double quotes, the description is cut off, and only
shows:

O'Leary

Here is the code (snippet of the important stuff and numbered) on the "edit
item" page:

1. $result = mysql_query("select * from inven where product =
'$product'");
2. $row = mysql_fetch_array($result);
3. echo "Description is: $row[description]";
4. echo "<table width=80% border=1 cellpadding=4 cellspacing=0>";
5. ?>
6. <tr><td>Product #:</td><td><input type=text name=product value="<?echo
$row[product]?>"></td></tr>
7. <tr><td>Description:</td><td><input type=text name=description
value="<?echo $row[description]?>" size=50></td></tr>
8.
9. <?
10. echo "</table>";
11. echo "<br><br><input type=submit name=Update value=Update>";
12. ?>

The important line of code here is line 6, where the value of description
should show. The real value of description that is in the database should be
showing up here, but it is cut off if it contains double quotes. Note also
that the full value (double quotes and all) of description can be seen in
the echo statement at line 3. I'm stumped.

To sum up this problem, data appears to get written to the db just fine. The
"edit item" page is brought up, but the description - if it contains special
characters, is cut off, apparently where there are double quotes. If I go
ahead and update the item, the new value in the db is now cut off and not
what I want.

Any ideas? Thanks in advance.

Mosher
Jul 17 '05 #1
12 28533
Mosher wrote:
6. <tr><td>Product #:</td><td><input type=text name=product value="<?echo
$row[product]?>"></td></tr> The important line of code here is line 6, where the value of description
should show. The real value of description that is in the database should be
showing up here, but it is cut off if it contains double quotes. Note also
that the full value (double quotes and all) of description can be seen in
the echo statement at line 3. I'm stumped.


The quotes are there :)
view the source!

This is a HTML problem: you're trying to output HTML similar to
<input value="John "Q" Smith">
and the browser doesn't know how to interpret it

Try html_entities()
<form ...>
<!-- ... -->

<input value="<?php echo html_entites($row['product'], ENT_QUOTES); ?>"/>

<!-- ... -->
</form>
http://www.php.net/html_entites
--
--= my mail box only accepts =--
--= Content-Type: text/plain =--
--= Size below 10001 bytes =--
Jul 17 '05 #2
I (Pedro Graca) mis-wrote:
http://www.php.net/html_entites


Sorry, that should have been
http://www.php.net/html_entities
--
--= my mail box only accepts =--
--= Content-Type: text/plain =--
--= Size below 10001 bytes =--
Jul 17 '05 #3
Pedro - thanks so much! That helped and I can now view the full double
quoted data.

However, when I try to "update" the information into the db, the
single/double quoted stuff doesn't get written to the db. I tried an
html_entity_decode function, but that only writes single quotes to the db,
not double. Here is my decode code that I put in the same code that you
commented on previously:

<input type=hidden name=description value="<?echo
html_entity_decode($row[description])?>">

It's my understanding that we need to decode the html_entities data before
writing to db, right? Any ideas how I could get the whole string, single and
double quotes included, written into the db?

Thanks again,

Mosher

"Pedro Graca" <he****@hotpop.com> wrote in message
news:bs************@ID-203069.news.uni-berlin.de...
Mosher wrote:
6. <tr><td>Product #:</td><td><input type=text name=product value="<?echo $row[product]?>"></td></tr>

The important line of code here is line 6, where the value of description should show. The real value of description that is in the database should be showing up here, but it is cut off if it contains double quotes. Note also that the full value (double quotes and all) of description can be seen in the echo statement at line 3. I'm stumped.


The quotes are there :)
view the source!

This is a HTML problem: you're trying to output HTML similar to
<input value="John "Q" Smith">
and the browser doesn't know how to interpret it

Try html_entities()
<form ...>
<!-- ... -->

<input value="<?php echo html_entites($row['product'], ENT_QUOTES); ?>"/>

<!-- ... -->
</form>
http://www.php.net/html_entites
--
--= my mail box only accepts =--
--= Content-Type: text/plain =--
--= Size below 10001 bytes =--

Jul 17 '05 #4
Mosher wrote:
Pedro - thanks so much! That helped and I can now view the full double
quoted data.

However, when I try to "update" the information into the db, the
single/double quoted stuff doesn't get written to the db. I tried an
html_entity_decode function, but that only writes single quotes to
the db, not double. Here is my decode code that I put in the same
code that you commented on previously:

<input type=hidden name=description value="<?echo
html_entity_decode($row[description])?>">

It's my understanding that we need to decode the html_entities data
before writing to db, right? Any ideas how I could get the whole
string, single and double quotes included, written into the db?

Thanks again,

Mosher


NO... you do not need to decode anything before flushing it to the db. All
you need to do is shove it in (being sure to call something like
mysql_escape_string first, obviously)
Jul 17 '05 #5
Mosher wrote:
It's my understanding that we need to decode the html_entities data before
writing to db, right? Any ideas how I could get the whole string, single and
double quotes included, written into the db?


From DB to browser
htmlentities()

From browser to DB
mysql_escape_string()

But beware of magic quotes (I don't have them on)
--
--= my mail box only accepts =--
--= Content-Type: text/plain =--
--= Size below 10001 bytes =--
Jul 17 '05 #6
Pedro Graca wrote:
Mosher wrote:
It's my understanding that we need to decode the html_entities data
before writing to db, right? Any ideas how I could get the whole
string, single and double quotes included, written into the db?


From DB to browser
htmlentities()

From browser to DB
mysql_escape_string()

But beware of magic quotes (I don't have them on)


you will likely want to do something like
$string = get_magic_quotes_gpc() ?
mysql_escape_string(stripslashes($string)) : mysql_escape_string($string);
Jul 17 '05 #7
Guys,

I tried to use the mysql_escape_string($description), but it didn't work.
When I enter this string from the description field:

O'Leary "special"

....it sends this to the db:

O\\\'Leary \\

....and because magic quotes in on, this is what actually got written to the
db:

O\'Leary \

Also, any information that comes after the description field has now
dissapeared. I am in "special character" hell! Help!!! Remember that
magic_quotes_gpc is 'ON'.

Thanks,

Mosher

"Agelmar" <if**********@comcast.net> wrote in message
news:bt************@ID-30799.news.uni-berlin.de...
Pedro Graca wrote:
Mosher wrote:
It's my understanding that we need to decode the html_entities data
before writing to db, right? Any ideas how I could get the whole
string, single and double quotes included, written into the db?


From DB to browser
htmlentities()

From browser to DB
mysql_escape_string()

But beware of magic quotes (I don't have them on)


you will likely want to do something like
$string = get_magic_quotes_gpc() ?
mysql_escape_string(stripslashes($string)) : mysql_escape_string($string);

Jul 17 '05 #8
"Mosher" <mo***********@yahoo.com> wrote in
news:fY********************@comcast.com (in part):
Guys,

I tried to use the mysql_escape_string($description), but it didn't
work. When I enter this string from the description field:

O'Leary "special"

...it sends this to the db:


I've come in late, but you may want to try:

From the form to DB: urlencode(stripslashes($string))
From the DB to the display: urldecode($db_string)

Ken Robinson
Jul 17 '05 #9
Hi Ken,

Thanks for this, but it did not work. Once again (prior to your code), the
data gets written to the db just fine, quotes and all. But when I call it
back up to edit it, that is where the problem is. First, the field data:

O'Leary "special"

....only displayed O'Leary when called back up. I then was able to get around
that by the following line of code:

<input type=text name=description value="<? echo
htmlentities($row[description])?>">

This did display the full data above with quotes, etc. But when I look in
the actual source code of the webpage being displayed, it shows:

O'Leary&quot;special&quot;

....in the field and when I try to write to db, it only writes:

O'Leary

Any other ideas?

Thanks,

Mosher

"Ken Robinson" <se**********@rbnsn.com> wrote in message
news:45******************************@news.teranew s.com...
"Mosher" <mo***********@yahoo.com> wrote in
news:fY********************@comcast.com (in part):
Guys,

I tried to use the mysql_escape_string($description), but it didn't
work. When I enter this string from the description field:

O'Leary "special"

...it sends this to the db:


I've come in late, but you may want to try:

From the form to DB: urlencode(stripslashes($string))
From the DB to the display: urldecode($db_string)

Ken Robinson

Jul 17 '05 #10
"Mosher" <mo***********@yahoo.com> wrote in
news:9N********************@comcast.com:
Hi Ken,

Thanks for this, but it did not work. Once again (prior to your code),
the data gets written to the db just fine, quotes and all. But when I
call it back up to edit it, that is where the problem is. First, the
field data:

O'Leary "special"

...only displayed O'Leary when called back up. I then was able to get
around that by the following line of code:

<input type=text name=description value="<? echo
htmlentities($row[description])?>">

This did display the full data above with quotes, etc. But when I look
in the actual source code of the webpage being displayed, it shows:

O'Leary&quot;special&quot;

...in the field and when I try to write to db, it only writes:


I've had similar problems. It's in the DB with the quotes and I used to
run around in circles trying to get it back in after displaying it on a
form and getting the value back. That's why I've started to store the
urlencoded format in the database.

So you would do:
<input type=text name=description value="<? echo urldecode($row
[description])?>">
in your form.

In your database update command use something like: "update .... set
description='".urlencode(stripslashes($_POST['description']))."'..."

You might have to write a one-time job to update all the text fields in
your database to conform to the new method or you can just implement it
and each field will be updated as time goes on.

Ken
Jul 17 '05 #11
> This did display the full data above with quotes, etc. But when I look in
the actual source code of the webpage being displayed, it shows:

O'Leary&quot;special&quot;

...in the field and when I try to write to db, it only writes:

O'Leary

Any other ideas?


after form submission, i use
$_POST['var'] = mysql_escape_string(stripslashes($_POST['var']));
before submitting $_POST['var'] to my database.

maybe you can also echo $_POST['var'] after you submit the form to check
what is in it.

if you use the GET method, the &quot; entity may cause problems as all
variables are transmitted like
http://php.net/script.php?var1=foo&v...;problem&quot;
if this is the case, maybe just try the POST method instead?

good luck
steven.
Jul 17 '05 #12
Ken - the whole thing works now! But the problem was caused by another
issue. I believe that there was another query writing the data to db (so it
was getting written twice) and due to this, there was the problem - one
query was correct and the other wasn't. I removed the latter query and now
it is working. It had me totally stumped because this hasn't been too much
of an issue for me before.

Anyway, thanks much for the advice. Perhaps I'll try your ideas next time.

Later,

Mosher

"Ken Robinson" <se**********@rbnsn.com> wrote in message
news:70******************************@news.teranew s.com...
"Mosher" <mo***********@yahoo.com> wrote in
news:9N********************@comcast.com:
Hi Ken,

Thanks for this, but it did not work. Once again (prior to your code),
the data gets written to the db just fine, quotes and all. But when I
call it back up to edit it, that is where the problem is. First, the
field data:

O'Leary "special"

...only displayed O'Leary when called back up. I then was able to get
around that by the following line of code:

<input type=text name=description value="<? echo
htmlentities($row[description])?>">

This did display the full data above with quotes, etc. But when I look
in the actual source code of the webpage being displayed, it shows:

O'Leary&quot;special&quot;

...in the field and when I try to write to db, it only writes:


I've had similar problems. It's in the DB with the quotes and I used to
run around in circles trying to get it back in after displaying it on a
form and getting the value back. That's why I've started to store the
urlencoded format in the database.

So you would do:
<input type=text name=description value="<? echo urldecode($row
[description])?>">
in your form.

In your database update command use something like: "update .... set
description='".urlencode(stripslashes($_POST['description']))."'..."

You might have to write a one-time job to update all the text fields in
your database to conform to the new method or you can just implement it
and each field will be updated as time goes on.

Ken

Jul 17 '05 #13
New Post

This thread has been closed and replies have been disabled. Please start a new discussion.

Similar topics

2
PHP/Mysql/special characters problem
by: Olaf Kliemt | last post by:
problem was single and double quotes. headline is a form input field type text. before writing to the DB i use : $headline = mysql_escape_string(stripslashes($headline)); displaying again in...
PHP
3
hyperlink for e-mail id ...mailto with special characters ...problem
by: Krishna A.M | last post by:
Hi, How do i add a hyperlink to a email id having special characters? I tried the same , say mailto : test_&_send@hoohoo.com IN the to box i can see only till test_ and the rest is omitted. ...
HTML / CSS
2
German special characters Problem
by: Amin Schoeib | last post by:
Hi, Can somebody tell me why german special characters like 'ü' or 'ä' willbe changed To '?' when retrieving data from postgres with Java (JDBC). When I select the data under Postgres everything...
PostgreSQL Database
1
Special Characters problem
by: Danno | last post by:
I have a file which contains special characters that equate to a hex 00 (0x00). When I read each line into a string, I need to replace the hex 00 characters in the string with a space. What's...
C# / C Sharp
5
File path (contains special characters) problem when passing as input to API function.
by: Sakharam Phapale | last post by:
Hi All, I am using an API function, which takes file path as an input. When file path contains special characters (@,#,$,%,&,^, etc), API function gives an error as "Unable to open input file"....
Visual Basic .NET
7
Special characters problem
by: petedawn | last post by:
hi guys, based on users button press i am passing the following to my javascript function, test('&eacute;'). and within my javascript i have this function test(x) which processes this input. ...
Javascript
2
Special characters problem in with Prototype Ajax
by: diverge | last post by:
Hi, i'm working on an ASP project with prototype.js but i just can't get special chars to work as they should. I'm using UTF-8 pages but as soon as i call a page containing for example å,ä,ö, < or...
Javascript
1
Cloud Servers without Credit Card and Email Registration: A Simpler Way to Get on the Cloud
by: CloudSolutions | last post by:
Introduction: For many beginners and individual users, requiring a credit card and email registration may pose a barrier when starting to use cloud servers. However, some cloud server providers now...
General
0
Wordpress or something else?
by: Faith0G | last post by:
I am starting a new it consulting business and it's been a while since I setup a new website. Is wordpress still the best web based software for hosting a 5 page website? The webpages will be...
Content Management Systems
0
isladogs
Access Europe: Command bars, the Access Shortcut Tool and a simple Audit Log - Wed 3 April
by: isladogs | last post by:
The next Access Europe User Group meeting will be on Wednesday 3 Apr 2024 starting at 18:00 UK time (6PM UTC+1) and finishing by 19:30 (7.30PM). In this session, we are pleased to welcome former...
General
0
Easy Steps to Fix "Canon Printer Won't Connect to WiFi Network"
by: taylorcarr | last post by:
A Canon printer is a smart device known for being advanced, efficient, and reliable. It is designed for home, office, and hybrid workspace use and can also be used for a variety of purposes. However,...
General
0
How to turn on java script in a villaon keypad mobile phone
by: Charles Arthur | last post by:
How do i turn on java script on a villaon, callus and itel keypad mobile phone
Java
0
Batch import of multiple excel files into the database
by: ryjfgjl | last post by:
If we have dozens or hundreds of excel to import into the database, if we use the excel import function provided by database editors such as navicat, it will be extremely tedious and time-consuming...
Data Management
0
Merging data from multiple Excel files
by: ryjfgjl | last post by:
In our work, we often receive Excel tables with data in the same format. If we want to analyze these data, it can be difficult to analyze them because the data is spread across multiple Excel files...
Data Management
0
Migrating Website to Cloud - Emmanuel Katto
by: emmanuelkatto | last post by:
Hi All, I am Emmanuel katto from Uganda. I want to ask what challenges you've faced while migrating a website to cloud. Please let me know. Thanks! Emmanuel
General
0
BarryA
Navigating the Data Structures and Algorithms (DSA)
by: BarryA | last post by:
What are the essential steps and strategies outlined in the Data Structures and Algorithms (DSA) roadmap for aspiring data scientists? How can individuals effectively utilize this roadmap to progress...
Algorithms / Advanced Math

By using Bytes.com and it's services, you agree to our Privacy Policy and Terms of Use.

To disable or enable advertisements and analytics tracking please visit the manage ads & tracking page.

BYTES.COM © 2024
About Bytes
Terms Of Use
Privacy Policy
Sitemap
Advertise on Bytes:
Post a Job
Sponsored Posts
Platinum & Gold Sponsors
Hire Now!