wats the deal with \"blah\" and \'blah\' ?? when i post from a web form via php to a MySQL db or flat text file?

is there any simple way to get rid of this?

thanx

a php func. starts wiht function("asdasdasd") [in a string],
and when you write " in the func, you need to use \ before the " to avoid parse error..

try to use this :


stripslashes($message);

i cant get that php command to work

and it doesnt matter that i put a \ b4 a " it comes out \\\" in the preview mode of the script, but when it posts, anything after the " or ' disappears

Show me your code

Put the following in your .htaccess file:



php_flag magic_quotes_gpc off

the .htaccess idea didnt work

my code is as follows over 2 files



<? include '/usr/home/o/z/ozefrog/public_html/lib/header.inc'; ?>
<?php
// Important : keep your database table name as 'joke4'..i.e don't touch the select statements
include("joke4cfg.php");
$connection = mysql_connect($serverAddress,$databaseName,$serverPass)or die("Couldn't make connection.");
$db = mysql_select_db($databaseName,$connection)or die("Couldn't select database");
$limit=20; // rows to return
$numresults=mysql_query("select * from joke4 order by date_post desc");
$numrows=mysql_num_rows($numresults);

// next determine if offset has been passed to script, if not use 0
if (empty($offset)) {
$offset=0;
}
echo "<center><strong><font face=verdana size=3>Q&A Jokes</font></strong></center><br>";
echo "<hr width=90% size=1 color=#000000 noshade>";
echo "<br><br>";
// get results
$result=mysql_query("select * from joke4 order by date_post desc limit $offset,$limit");
// now you can display the results returned
while ($data=mysql_fetch_array($result)) {
echo "<table width=475 border=0 align=center id=AutoNumber2>";
echo "<tr>";
echo "<td width=55 bgcolor=#FFCC00><b><font size=2 face=Verdana>&nbsp;Name:</font></b></td>";
echo "<td width=420 bgcolor=#008BCE align=justify><font face=Verdana size=2 color=#ffffff>".$data[0]."</font></td>";
echo "</tr>";
echo "<tr>";
echo "<td width=55 bgcolor=#FFCC00><b><font face=Verdana size=2>&nbsp;IP:</font></b></td>";
echo "<td width=420 bgcolor=#008BCE align=justify><font face=Verdana size=2 color=#ffffff>".$data[1]."</font></td>";
echo "</tr>";
echo "<tr>";
echo "<td width=55 bgcolor=#FFCC00 height=60 valign=top><b><font size=2 face=Verdana>&nbsp;Question:</font></b></td>";
echo "<td width=420 bgcolor=#008BCE height=60 valign=top align=justify><font face=Verdana size=2 color=#ffffff>".$data[2]."</font></td>";
echo "</tr>";
echo "<tr>";
echo "<td width=55 bgcolor=#FFCC00 height=60 valign=top><b><font size=2 face=Verdana>&nbsp;Answer:</font></b></td>";
echo "<td width=420 bgcolor=#008BCE height=60 valign=top align=justify><font face=Verdana size=2 color=#ffffff>".$data[3]."</font></td>";
echo "</tr>";
echo "</table>";
echo "<br>";
}
// next we need to do the links to other results
print "<center><font face=verdana size=2>Page Number: </font>";

// calculate number of pages needing links
$pages=intval($numrows/$limit);

// $pages now contains int of pages needed unless there is a remainder from division
if ($numrows%$limit) {
// has remainder so add one page
$pages++;
}

for ($i=1;$i<=$pages;$i++) { // loop thru
$newoffset=$limit*($i-1);
print "<font face=verdana size=2><a href=\"$PHP_SELF?offset=$newoffset\">$i</a>&nbsp</font>\n";
}
print "</center>";

mysql_close($connection);
?> <br>
<hr width="90%" size="1" color="#000000" noshade>
<script language=javascript>
function validate()
{
if (document.frm.usr_name.value==""){
alert("Please enter your name.");
return false;
}
if (document.frm.usr_joke.value==""){
alert("Please tell us your joke.");
return false;
}
if (document.frm.usr_ans.value==""){
alert("Please tell us your answer.");
return false;
}
}
</script>
<br>
<p align=center><font size=2 face=verdana>Please fill out the following to add your joke to our archive</font></p>
<form name="frm" action="joke4show.php" method="Post" onSubmit="return validate();">
<table width="400" border="0" cellspacing="1" cellpadding="3" align="center" id="AutoNumber1" style="border-collapse: collapse">
<tr>
<td width="50"><b><font size="2" face="Verdana">Name:</font></b></td>
<td width="350"><input type="text" name="usr_name" size="33"><input type="hidden" name="usr_id" size="30" value="<? echo $REMOTE_ADDR ?>"></td>
</tr>
<tr>
<td width="50" valign="top"><b><font size="2" face="Verdana">Question:</font></b></td>
<td width="350"><textarea rows="7" name="usr_joke" cols="32"></textarea></td>
</tr>
<tr>
<td width="50" valign="top"><b><font size="2" face="Verdana">Answer:</font></b></td>
<td width="350"><textarea rows="7" name="usr_ans" cols="32"></textarea></td>
</tr>
<tr>
<td width="50">&nbsp;</td>
<td width="350"><input type="submit" value="Add">
<input type="reset" value="Clear"></td>
</tr>
</table>
</form>

<? include '/usr/home/o/z/ozefrog/public_html/lib/footer.inc'; ?>



file 2



<?php

include("joke4cfg.php");
$date_post = date("Y-m-d H:i:s");
$connection = mysql_connect($serverAddress,$databaseName,$serverPass)or die("Couldn't make connection.");
$db = mysql_select_db($databaseName,$connection)or die("Couldn't select database");
$insertSql ="insert into joke4 values ('".$usr_name."','".$usr_id."','".$usr_joke."','".$usr_ans."','".$date_post."')";
mysql_query($insertSql);
mysql_close($connection);
include '/usr/home/o/z/ozefrog/public_html/lib/header.inc';
echo "\n\n<font face=verdana size=2><center><strong>Your joke has been added into the joke archive!</center></strong></font><br><br>";
echo "<br><br><br><br><font size=2><center>Click <a href=joke4.php>Here</a> to go back to the joke archive.</font></center>";
include '/usr/home/o/z/ozefrog/public_html/lib/footer.inc';
?>

Oops, try this instead:



php_flag magic_quotes_runtime off


I think the _gpc variable was for GET/POST/COOKIES. This one is for databases...

There's a way to do it in your PHP code too, if your host does not let you change the PHP configuration in the .htaccess. I think the function is



set_magic_quotes_runtime( 0 );

no luck still

the thing with the .htaccess file gives an internal server error

How about just putting the function call (the set_magic_quotes_runtime() mentioned above) at the top of your code and trying again? Does it work when you do that?

i get

Parse error: parse error in /usr/home/o/z/ozefrog/public_html/joke4add.php on line 13

Better check the manual from the horses' mouth to make sure the syntax is correct:

http://www.php.net/manual/en/function.set-magic-quotes-runtime.php

(just in case I got it wrong)

i dont get all that crap on how to place the functions, im still learning....

Please dont show all the code, only the ariables that contain the text the you have problem with \....

Just a long shot: did you place the function *after* the "<?" - ie,



<?
set_magic_quotes_runtime ( 0 );

...

Originally posted by fatman
Just a long shot: did you place the function *after* the "<?" - ie,



<?
set_magic_quotes_runtime ( 0 );

...


This should work !!!

i placed it after the <?

Originally posted by ozefrog
i placed it after the <?
Well, show the code the prints out the text, not all the code.

Originally posted by megapuzik


This should work !!!

Actually both solutions (.htaccess and the function call) should work.

Ozefrog, if you get a parse error, you need to find out why. Eg, was something spelt wrongly, or was the file accidentally was uploaded in binary, etc?

BTW, which PHP version are you using? (I should have asked this at the beginning! :) )

the first part that i put in here is the one that prints it out

but the following previews it



<? include '/usr/home/o/z/ozefrog/public_html/lib/header.inc'; ?>
<font face=verdana size=2>
<p align=center><b>The following is being added to the CheapHumour joke archive:</b><br><br><br>
<table width="475" border="0" align="center" id="AutoNumber2">
<tr>
<td width="55" bgcolor="#FFCC00"><b><font size="2" face="Verdana">&nbsp;Name:</font></b></td>
<td width="420" bgcolor="#008BCE" align="justify"><font face=Verdana size=2 color=#ffffff><?php echo ($usr_name);?></font></td>
</tr>
<tr>
<td width="55" bgcolor="#FFCC00"><b><font face="Verdana" size="2">&nbsp;IP:</font></b></td>
<td width="420" bgcolor="#008BCE" align="justify"><font face=Verdana size=2 color=#ffffff><?php echo ($usr_id);?></font></td>
</tr>
<tr>
<td width="55" bgcolor="#FFCC00" height="60" valign="top"><b><font size="2" face="Verdana">&nbsp;Question:</font></b></td>
<td width="420" bgcolor="#008BCE" height="60" valign="top" align="justify"><font face=Verdana size=2 color=#ffffff><?php echo ($usr_joke);?></font></td>
</tr>
<tr>
<td width="55" bgcolor="#FFCC00" height="60" valign="top"><b><font size="2" face="Verdana">&nbsp;Answer:</font></b></td>
<td width="420" bgcolor="#008BCE" height="60" valign="top" align="justify"><font face=Verdana size=2 color=#ffffff><?php echo ($usr_ans);?></font></td>
</tr>
</table>
<br><br>
<p align=justify><font face=verdana size=2>If you wish to edit this information, click on "Go Back", or click "Add Entry" to add it to our archive.</font></p><br>
<form name=actualsubmit method=post action="joke4add.php">
<input type=hidden name="usr_name" value="<?php echo $usr_name;?>">
<input type=hidden name="usr_id" value="<?php echo $usr_id;?>">
<input type=hidden name="usr_joke" value="<?php echo $usr_joke;?>">
<input type=hidden name="usr_ans" value="<?php echo $usr_ans;?>"><br>
<font face=verdana size=2>
<center><a href="javascript:history.back();">Go Back</a> | <a href="javascript:document.actualsubmit.submit();">Add Entry</a>
</center></font>
</form>
<? include '/usr/home/o/z/ozefrog/public_html/lib/footer.inc'; ?>

Originally posted by fatman


Actually both solutions (.htaccess and the function call) should work.

Ozefrog, if you get a parse error, you need to find out why. Eg, was something spelt wrongly, or was the file accidentally was uploaded in binary, etc?

BTW, which PHP version are you using? (I should have asked this at the beginning! :) )

the host im with runs PHP Version 4.1.1

tru to change this line :


<input type=hidden name="usr_joke" value="<?php echo $usr_joke;?>">

into this :

<input type=hidden name="usr_joke" value="<?php echo stripslashes($usr_joke);?>">

no luck still

Originally posted by ozefrog
no luck still
the problem is when you write " you get \" right ??

Originally posted by megapuzik

the problem is when you write " you get \" right ??

yeah, and in the preview it shows as

joke here \"quote\"

but when u view if from the database it looks like this

joke here \

Originally posted by ozefrog


yeah, and in the preview it shows as

joke here \"quote\"

but when u view if from the database it looks like this

joke here \
well, you can always try use srt_replace ->


<?php $usr_joke = str_replace('\"','"',$usr_joke);?>
<input type=hidden name="usr_id" value="<?php echo $usr_id;?>">
<input type=hidden name="usr_joke" value="<?php echo $usr_joke;?>">
<input type=hidden name="usr_ans" value="<?php echo $usr_ans;?>">

Not sure that this will work cuz you maybe needed to change the signs to the ascii ! (< = &lt ..............)

Originally posted by megapuzik

well, you can always try use srt_replace ->


<?php $usr_joke = str_replace('\"','"',$usr_joke);?>
<input type=hidden name="usr_id" value="<?php echo $usr_id;?>">
<input type=hidden name="usr_joke" value="<?php echo $usr_joke;?>">
<input type=hidden name="usr_ans" value="<?php echo $usr_ans;?>">

Not sure that this will work cuz you maybe needed to change the signs to the ascii ! (< = &lt ..............)
bah, this board convert ascii, < will be & l t [without the spaces]

it works, but now it has gotten rid of the quotes when it opens it fromt the sql

Originally posted by ozefrog
it works, but now it has gotten rid of the quotes when it opens it fromt the sql
Is that a problem ?

yes cos i run a joke site, and a lot of jokes have quotes and stuff in it

Originally posted by ozefrog
yes cos i run a joke site, and a lot of jokes have quotes and stuff in it
ok, let me understand, when someone sumbit a joke, in the preview there is no problems with the ", but after the preview, the problems appear again.
then you should use the str_replace in the script that sumbit your joke ! (not only to the preview.

Im going to sleep now, talk with later :)

i can get it to parse ' alright but it wont parse anything after the "

ok

but the script doesnt have the $usr_joke variable

Originally posted by ozefrog
ok

but the script doesnt have the $usr_joke variable
Then just replace $usr_joke with the name of your textarea.

$usr_joke is the name of the text area

if u like, go to http://www.cheaphumour.com.kg/joke4.php and add some test posts in there using "blah" and 'blah' with both types of quotes in your post, and then u will see my problem.

also i have determined that the " fail to insert into the SQL

Show me the script that insert the joke into the mySQL

<?php


include("joke4cfg.php");
$date_post = date("Y-m-d H:i:s");
$connection = mysql_connect($serverAddress,$databaseName,$serverPass)or die("Couldn't make connection.");
$db = mysql_select_db($databaseName,$connection)or die("Couldn't select database");
$insertSql ="insert into joke4 values ('".$usr_name."','".$usr_id."','".$usr_joke."','".$usr_ans."','".$date_post."')";
mysql_query($insertSql);
mysql_close($connection);
include '/usr/home/o/z/ozefrog/public_html/lib/header.inc';
echo "\n\n<font face=verdana size=2><center><strong>Your joke has been added into the joke archive!</center></strong></font><br><br>";
echo "<br><br><br><br><font size=2><center>Click <a href=joke4.php>Here</a> to go back to the joke archive.</font></center>";
include '/usr/home/o/z/ozefrog/public_html/lib/footer.inc';
?>


that was the add code

Remove the str_replace and in this code, put this in the top :


$usr_joke = stripslashes(htmlspecialchars($usr_joke)) ;


and also, put this code at the top of the page where you preview your joke, it shold work !!

works in perview but it wont add the joke now

Originally posted by ozefrog
works in perview but it wont add the joke now
so remove this when you add to the database, and add this line in the top of the page that show the joke.

i dont get, im goin to bed, discuss 2 morrow

if u like i will send the actually script for u to test

aha! got it to work fine now

$usr_joke = stripslashes(htmlspecialchars($usr_joke)) ;

holds the key


thanx for all ya help ;-)