Search Results

Search found 53 results on 3 pages for 'addslashes'.

facebook twitter digg google delicious technorati stumbleupon myspace wordpress linkedin gmail igoogle windows live tumblr viadeo yahoo buzz yahoo mail yahoo bookmarks favorites email print

Page 1/3 | 1 2 3  | Next Page >

  • Addslashes, mysql_real_escape always adding two slashes?

    - by Zach
    I'm having an issue with inserting JSON into a database, my intention is to take the variables, json_encode them, remove slashes (from magic_quotes), and then addslashes back in to escape the quotes in {"key":"value"} Unfortunately, strip_slashes on the encoded string isn't doing anything, and outputs this {"content":"<p>This string has it\'s downsides</p>","date":1271352514} I have then tried addslashes, and mysql_real_escape_string, both output "{\\"content\\":\\"<p>This string has it\\\'s downsides</p>\\",\\"date\\":1271352514}" I can't work out why it's adding in two slashes? And I'm tearing my hair out over this, everytime I try to stripslashes it leaves one in, and adding slashes adds two. Any help would be hugely appreciated!

    Read the article

  • My mail going on spam from SMTP server

    - by user1767434
    I am trying to send a registration confirmation mail from my site to user who are registering from my site. my code is:- $drg_name = addslashes(trim($_POST['drg_name'])); $drg_surname = addslashes(trim($_POST['drg_surname'])); $drg_email = addslashes(trim($_POST['drg_email'])); $drg_username = addslashes(trim($_POST['drg_username'])); $drg_pass = addslashes(base64_encode($_POST['drg_pass'])); $drg_addr1 = addslashes(trim($_POST['drg_addr1'])); $drg_addr2 = addslashes(trim($_POST['drg_addr2'])); $drg_addr3 = addslashes(trim($_POST['drg_addr3'])); $drg_town = addslashes(trim($_POST['drg_town'])); $drg_county = addslashes(trim($_POST['drg_county'])); $drg_zip = addslashes(trim($_POST['drg_zip'])); $drg_country = addslashes(trim($_POST['drg_country'])); $drg_phone = addslashes(trim($_POST['drg_phone'])); $drg_gender = addslashes(trim($_POST['drg_gender'])); $drg_pstatus = addslashes(trim($_POST['drg_pstatus'])); $drg_dod = addslashes(trim($_POST['drg_dod'])); $drg_dom = addslashes(trim($_POST['drg_dom'])); $drg_doy = addslashes(trim($_POST['drg_doy'])); $drg_dob=$drg_dod.'/'.$drg_dom.'/'.$drg_doy; $drg_question = addslashes(trim($_POST['drg_question'])); $drg_answer = addslashes(trim($_POST['drg_answer'])); //send confirmation email to user to activate his/her acc $encoded_usr_id=base64_encode($usr_id); $en_id=base64_encode($insert_id); $subject = "Confirmation From dragonsnet.biz" ; $message = "Thank you to register with dragonsnet.biz<br>\n In order to >activate your account please click here: http://My SITE URL/registration_success.php?envar=".$encoded_usr_id."&euid=".$en_id."' Activate\n Thank you for taking the time to register to the dragonsnet.biz Website. "; $this->_globalObj->send_email('support@ MY-Site', $drg_email, $subject, $message, 'Site Name'); $cnf=base64_encode("confirmation"); die($this->_globalObj->redirect("registration_confirmation.php?eml=$cnf")); } my mail is going in user mail ID but in Spam not in inbox. Please help Thanks In Advance.

    Read the article

  • addslashes and addcslahes

    - by theband
    I was seeing today the addslashes and addcslashes in php.net, but did not get the point on what is the difference between them and what are the characters escaped in these two. <?php $originaltext = 'This text does NOT contain \\n a new-line!'; $encoded = addcslashes($originaltext, '\\'); $decoded = stripcslashes($encoded); //$decoded now contains a copy of $originaltext with perfect integrity echo $decoded; //Display the sentence with it's literal \n intact ?> If i comment the $decoded variable and echo $encoded, i get the same value which is in the original string. Can anyone clearly explain me the difference and use of these two.

    Read the article

  • A better JavaScript version of addslashes and stripslashes?

    - by karlthorwald
    I am using these 2 functions: http://javascript.about.com/library/bladdslash.htm But JSLint complains 'Bad Escapement' on this line: str=str.replace(/\\0/g,'\0'); [Edit] I converted to 2 lines, and now the first line is the one that fails JLint: var rep = '\0'; str=str.replace(/\\0/g,rep); So it is the '\0' can you help? I could try something but I want to understand what is going on. [/Edit] Can you make a better version and explain? I would like a version that passes JSLint and still works.

    Read the article

  • Not allowing characters after Space. Mysql Insert With PHP

    - by Jake
    Ok so I think this is easy but I dont know (I'm a novice to PHP and MySQL). I have a select that is getting data from a table in the database. I am simply taking whatever options the user selects and putting it into a separate table with a php mysql insert statement. But I am having a problem. When I hit submit, everything is submitted properly except for any select options that have spaces don't submit after the first space. For example if the option was COMPUTER REPAIR, all that would get sent is COMPUTER. I will post code if needed, and any help would be greatly appreciated. Thanks! Ok here is my select code: <?php include("./config.php"); $query="SELECT id,name FROM category_names ORDER BY name"; $result = mysql_query ($query); echo"<div style='overflow:auto;width:100%'><label>Categories (Pick three that describe your business)</label><br/><select name='select1'><option value='0'>Please Select A Category</option>"; // printing the list box select command while($catinfo=mysql_fetch_array($result)){//Array or records stored in $nt echo "<option>$catinfo[name]</option><br/> "; } echo"</select></div>"; ?> And here is my insert code ( Just to let you know its got everything not just the select!) ?php require("./config.php"); $companyname = mysql_real_escape_string(addslashes(trim($_REQUEST['name']))); $phone = mysql_real_escape_string(addslashes($_REQUEST['phone'])); $zipcode = mysql_real_escape_string(addslashes($_REQUEST['zipcode'])); $city = mysql_real_escape_string(addslashes($_REQUEST['city'])); $description = mysql_real_escape_string(addslashes($_REQUEST['description'])); $website = mysql_real_escape_string(addslashes($_REQUEST['website'])); $address = mysql_real_escape_string(addslashes($_REQUEST['address'])); $other = mysql_real_escape_string(addslashes($_REQUEST['other'])); $payment = mysql_real_escape_string(addslashes($_REQUEST['payment'])); $products = mysql_real_escape_string(addslashes($_REQUEST['products'])); $email = mysql_real_escape_string(addslashes($_REQUEST['email'])); $select1 = mysql_real_escape_string(addslashes($_REQUEST['select1'])); $select2 = mysql_real_escape_string(addslashes($_REQUEST['select2'])); $select3 = mysql_real_escape_string(addslashes($_REQUEST['select3'])); $save=$_POST['save']; if(!empty($save)){ $sql="INSERT INTO gj (name, phone, city, zipcode, description, dateadded, website, address1, other2, payment_options, Products, email,cat1,cat2,cat3) VALUES ('$companyname','$phone','$city','$zipcode','$description',curdate(),'$website','$address','$other','$payment','$products','$email','$select1','$select2','$select3')"; if (!mysql_query($sql,$link)) { die('Error: ' . mysql_error()); } echo "<br/><h2><font color='green' style='font-size:15px'>1 business added</font></h2>"; mysql_close($link); } ?>

    Read the article

  • how to prevent database to add slash to quotes

    - by black sensei
    i know this sounds really common and so trivial but , am having a challenge here. I have a web site with Zend/Doctrine and i use ckeditor for the backend management. after uploading the site i've realized that during edit testing the look and feel of the site is messed up. with the help of firebug, i've seen that there are slashes all over the html. after inline edition, the look and feel came back to normal. There are so many files , i can't think of doing other decoding before outputting data from mysql. What options do i have to solve this problem. the site is up already and i feel a bit unconfortable about this. Can anyone give a hint? thanks

    Read the article

  • php validation code format

    - by user2970887
    Okay I have this MySQL database form and am trying to add validation to it. After 2 days of fighting with it, I thought I would get some advice. Would like that the selected item from dropdown and Firstname, Phone, Email, are all required. Then I want to verify that the data in the Firstname, Lastname, Phone (doesn't have to be any special format), Email and Comments are all acceptable formats before putting in database. Here is what I have so far: <?php include('inc_header.php'); if(isset($_POST['add'])) { require('dbcon.php'); if(! get_magic_quotes_gpc() ) { $Id = addslashes ($_POST['Id']); $List = addslashes ($_POST['List']); $Firstname = addslashes ($_POST['Firstname']); $Lastname = addslashes ($_POST['Lastname']); $Phone = addslashes ($_POST['Phone']); $Email= addslashes ($_POST['Email']); $Calltime = addslashes ($_POST['Calltime']); $Comment = addslashes ($_POST['Comment']); } else { $Id = $_POST['Id']; $Date = $_POST['Date']; $List = $_POST['List']; $Firstname = $_POST['Firstname']; $Lastname = $_POST['Lastname']; $Phone = $_POST['Phone']; $Email = $_POST['Email']; $Calltime = $_POST['Calltime']; $Comment = $_POST['Comment']; } $error = ''; //put chosen function here function validate_Firstname($input, $pattern = "/([A-Za-z0-9])") { return !preg_match($pattern, $input); } function validate_Phone($input, $pattern = "/([A-Za-z0-9])") { return !preg_match($pattern, $input); } function isValidEmail( $Email ){ return filter_var( $Email, FILTER_VALIDATE_EMAIL ); } //get values and validate each one as required $List = mysql_real_escape_string($_POST['List']); if(!$List){ $error .= "Please choose one<br />"; } $Firstname = mysql_real_escape_string($_POST['Firstname']); if(!$Firstname){ $error .= "First name is required<br />"; } //get values and validate each one as required $Lastname = mysql_real_escape_string($_POST['Lastname']); if(!$Lastname){ $error .= "Last name is required<br />"; } //repeat for each field $Email = mysql_real_escape_string($_POST['Email']); if(!isValidEmail($Email)){ $error .= "The email entered is invalid<br />"; } //and so on... if(!$error){ //add insert into database code here $sql = "INSERT INTO contacts ". "(`Id`,`Date`,`List`,`Firstname`,`Lastname`,`Phone`,`Email`,`Calltime`,`Comment`)". "VALUES'$Id,','$Date','$List','$Firstname','$Lastname','$Phone','$Email','$Calltime','$Comment') "; mysql_select_db('hmintcwa_contacts'); $retval = mysql_query( $sql, $conn ); if(! $retval ) { die('Could not enter data: ' . mysql_error()); } echo "Entered data successfully<br /><br /><a href=contactsadd.php><font color=#000000>Back</font></a>\n"; mysql_close($conn); } else { ?> <form method="post" action="<?php echo htmlspecialchars($_SERVER["PHP_SELF"]);?>" name="ContactForm"> <table bgcolor="#000000" width="500" cellpadding="5" cellspacing="1" border="0"> <input type="hidden" name="Id" id="Id"> <tr> <td bgcolor="#e9e9e9" align="right">Requested Info</td> <td bgcolor="#ffffff" align="left"><select name="List"> <option value="0" > Please Choose One </option> <option value="Market Analysis" > Market Analysis </option> <option value="Consultation" > Consultation </option></select></td></tr> <tr> <td bgcolor="#e9e9e9" align="right">Date</td> <input name="Date" type="hidden" id="Date" value="<? print(Date("l F d, Y")); ?>" /> <td bgcolor="#ffffff" align="left"><? print(Date("l F d, Y")); ?></td> </tr> <tr> <td bgcolor="#e9e9e9" align="right">Firstname</td> <td bgcolor="#ffffff" align="left"><input name="Firstname" type="text" size="20" id="Firstname"></td></tr> <tr> <td bgcolor="#e9e9e9" align="right">Lastname</td> <td bgcolor="#ffffff" align="left"><input type="text" name="Lastname" size="20" id="Lastname"></td> </tr> <tr> <td bgcolor="#e9e9e9" align="right">Phone</td> <td bgcolor="#ffffff" align="left"><input type="text" name="Phone" size="20" id="Phone"></td></tr> <tr> <td bgcolor="#e9e9e9" align="right">Email</td> <td bgcolor="#ffffff" align="left"><input type="text" name="Email" size="20" id="Email"></td></tr> <tr> <td bgcolor="#e9e9e9" align="right">Preferred Calltime</td> <td bgcolor="#ffffff" align="left"><input type="text" name="Calltime" size="20" id="Calltime"> &nbsp;&nbsp; If none put N/A</td></tr> <tr> <td bgcolor="#e9e9e9" align="right">Comment</td> <td bgcolor="#ffffff" align="left"><textarea name="Comment" cols="40" rows="8" id="Comment"></textarea></td></tr> <tr> <td bgcolor="#e9e9e9" align="right">&nbsp;</td> <td bgcolor="#ffffff" align="center"><br> <input name="add" type="submit" id="add" value="Add Contact"><input type="reset" name="Reset" value="Clear Form"><input type=button value="Cancel" onClick="history.go(-1)"><br>&nbsp; </td> </tr> </table> </form> <br>&nbsp;</center> <?php } ?> </body> </html> So far I just keep chasing error message. Please forgive formatting I am trying to learn be gentle.

    Read the article

  • parsing xml with php, children

    - by moustafa
    Hello I successfully created my parser Everything is working great except one thing since my xml is formated a little different and I am totally lost on how to assign variable to the children of . xml portion <item> <url /> <name /> - <photos> <photo>1020944_0.jpg</photo> <photo>1020944_1.jpg</photo> <photo>1020944_2.jpg</photo> </photos> <user_id /> </item> PHP code <? global $insideitem, $tag, $name, $photos, $user_id; global $count,$db; $db = mysql_connect("localhost", "user","pass"); mysql_select_db("db_name",$db); $result = mysql_query("SELECT user_id FROM table,$db); while ($myrow = mysql_fetch_array($result)){ $uid=$myrow['user_id']; $UN_ID[$uid]=$uid; } $count=1; $count2=1; // ########################################################## // ************* START ELEMENT FUNCTION ********************* // ########################################################## function startElement($parser, $name, $attrs) { global $insideitem, $tag, $name, $photos, $user_id; if ($insideitem) { $tag = $name; } elseif($name == "ITEM"){ $insideitem = true; } } function endElement($parser, $name) { global $insideitem, $tag, $name, $photos, $user_id; global $count,$count2,$db,$UN_ID; if ($name == "ITEM") { if(!$UN_ID[$unique_id]){ $name=addslashes($name); $photo1=addslashes($photo); $photo2=addslashes($photo); $photo3=addslashes($photo); $photo4=addslashes($photo); $user_id=addslashes($category); $sql = "INSERT INTO table ( name, photo1, photo2, photo3, photo4, user_id ) VALUES ( '$name', '$photo', '$photo', '$photo', '$photo', '$user_id', )"; $resultupdate = mysql_query($sql); } $name=''; $photos=''; $user_id=''; } } function characterData($parser, $data) { global $insideitem, $tag, $name, $photos, $user_id; if ($insideitem) { switch ($tag) { case "NAME": $name .= $data; break; case "PHOTOS": $photos .= $data; break; case "USER_ID": $user_id .= $data; break; } } } $xml_parser = xml_parser_create(); xml_set_element_handler($xml_parser, "startElement", "endElement"); xml_set_character_data_handler($xml_parser, "characterData"); $fp = fopen("../myfile.xml","r") or die("Error reading RSS data."); while ($data = fread($fp, 4096)) // Parse each 4KB chunk with the XML parser created above xml_parse($xml_parser, $data, feof($fp)) // Handle errors in parsing or die(sprintf("XML error: %s at line %d", xml_error_string(xml_get_error_code($xml_parser)), xml_get_current_line_number($xml_parser))); fclose($fp); // ########################################################## // *********************** FREE MEMORY ********************** // ########################################################## xml_parser_free($xml_parser); ?> The number of tags can range between 1-4. I have tried searching everywhere for info on how to do this and tried everything but I just cant get it. After several days of this giving me headaches I really hope some one can enlighten me.

    Read the article

  • SQL wont work? It doesn't come up with errors either

    - by Stefan
    Hey there, I have php function which checks to see if variables are set and then adds them onto my sql query. However I am don't seem to be getting any results back!? $where_array = array(); if (array_key_exists("location", $_GET)) { $location = addslashes($_GET['location']); $where_array[] = "`mainID` = '".$location."'"; } if (array_key_exists("gender", $_GET)) { $gender = addslashes($_GET["gender"]); $where_array[] = "`gender` = '".$gender."'"; } if (array_key_exists("hair", $_GET)) { $hair = addslashes($_GET["hair"]); $where_array[] = "`hair` = '".$hair."'"; } if (array_key_exists("area", $_GET)) { $area = addslashes($_GET["area"]); $where_array[] = "`locationID` = '".$area."'"; } $where_expr = ''; if ($where_array) { $where_expr = "WHERE " . implode(" AND ", $where_array); } $sql = "SELECT `postID` FROM `posts` ". $where_expr; $dbi = new db(); $result = $dbi->query($sql); $r = mysql_fetch_row($result); I'm trying to call the data after in a list like so: $dbi = new db(); $offset = ($currentpage - 1) * $rowsperpage; // get the info from the db $sql .= " ORDER BY `time` DESC LIMIT $offset, $rowsperpage"; $result = $dbi->query($sql); // while there are rows to be fetched... while ($row = mysql_fetch_object($result)){ // echo data echo $row['text']; } // end while Anyone got any ideas why I am not retrieving any data? -Stefan

    Read the article

  • INSERT INTO error MYSQL/PHP

    - by bat
    I get this error: You have an error in your SQL syntax; check the manual that corresponds to your MySQL server version for the right syntax to use near 'order (total, addy, cc) VALUES ('798' , '123 sadf' , '12124123')' at line 1 $total = addslashes(($_SESSION['total'])); $addy = addslashes(($_POST['addy'])); $cc = addslashes(($_POST['cc'])); echo "$total"; echo "$addy"; echo "$cc"; mysql_query("INSERT INTO order (total, addy, cc) VALUES ('$total' , '$addy' , '$cc')") or die(mysql_error()); help plz =]

    Read the article

  • Are there any security vulnerabilities in this PHP code?

    - by skorned
    Hi. I just got a site to manage, but am not too sure about the code the previous guy wrote. I'm pasting the login procedure below, could you have a look and tell me if there are any security vulnerabilities? At first glance, it seems like one could get in through SQL injection or manipulating cookies and the ?m= parameter. define ( 'CURRENT_TIME', time ()); / / Current time. define ( 'ONLINE_TIME_MIN', (CURRENT_TIME - BOTNET_TIMEOUT)); / / Minimum time for the status of "Online". define ( 'DEFAULT_LANGUAGE', 'en'); / / Default language. define ( 'THEME_PATH', 'theme'); / / folder for the theme. / / HTTP requests. define ( 'QUERY_SCRIPT', basename ($ _SERVER [ 'PHP_SELF'])); define ( 'QUERY_SCRIPT_HTML', QUERY_SCRIPT); define ( 'QUERY_VAR_MODULE', 'm'); / / variable contains the current module. define ( 'QUERY_STRING_BLANK', QUERY_SCRIPT. '? m ='); / / An empty query string. define ( 'QUERY_STRING_BLANK_HTML', QUERY_SCRIPT_HTML. '? m ='); / / Empty query string in HTML. define ( 'CP_HTTP_ROOT', str_replace ( '\ \', '/', (! empty ($ _SERVER [ 'SCRIPT_NAME'])? dirname ($ _SERVER [ 'SCRIPT_NAME']):'/'))); / / root of CP. / / The session cookie. define ( 'COOKIE_USER', 'p'); / / Username in the cookies. define ( 'COOKIE_PASS', 'u'); / / user password in the cookies. define ( 'COOKIE_LIVETIME', CURRENT_TIME + 2592000) / / Lifetime cookies. define ( 'COOKIE_SESSION', 'ref'); / / variable to store the session. define ( 'SESSION_LIVETIME', CURRENT_TIME + 1300) / / Lifetime of the session. ////////////////////////////////////////////////// ///////////////////////////// / / Initialize. ////////////////////////////////////////////////// ///////////////////////////// / / Connect to the database. if (! ConnectToDB ()) die (mysql_error_ex ()); / / Connecting topic. require_once (THEME_PATH. '/ index.php'); / / Manage login. if (! empty ($ _GET [QUERY_VAR_MODULE])) ( / / Login form. if (strcmp ($ _GET [QUERY_VAR_MODULE], 'login') === 0) ( UnlockSessionAndDestroyAllCokies (); if (isset ($ _POST [ 'user']) & & isset ($ _POST [ 'pass'])) ( $ user = $ _POST [ 'user']; $ pass = md5 ($ _POST [ 'pass']); / / Check login. if (@ mysql_query ( "SELECT id FROM cp_users WHERE name = '". addslashes ($ user). "' AND pass = '". addslashes ($ pass). "' AND flag_enabled = '1 'LIMIT 1") & & @ mysql_affected_rows () == 1) ( if (isset ($ _POST [ 'remember']) & & $ _POST [ 'remember'] == 1) ( setcookie (COOKIE_USER, md5 ($ user), COOKIE_LIVETIME, CP_HTTP_ROOT); setcookie (COOKIE_PASS, $ pass, COOKIE_LIVETIME, CP_HTTP_ROOT); ) LockSession (); $ _SESSION [ 'Name'] = $ user; $ _SESSION [ 'Pass'] = $ pass; / / UnlockSession (); header ( 'Location:'. QUERY_STRING_BLANK. 'home'); ) else ShowLoginForm (true); die (); ) ShowLoginForm (false); die (); ) / / Output if (strcmp ($ _GET [ 'm'], 'logout') === 0) ( UnlockSessionAndDestroyAllCokies (); header ( 'Location:'. QUERY_STRING_BLANK. 'login'); die (); ) ) ////////////////////////////////////////////////// ///////////////////////////// / / Check the login data. ////////////////////////////////////////////////// ///////////////////////////// $ logined = 0, / / flag means, we zalogininy. / / Log in session. LockSession (); if (! empty ($ _SESSION [ 'name']) & &! empty ($ _SESSION [ 'pass'])) ( if (($ r = @ mysql_query ( "SELECT * FROM cp_users WHERE name = '". addslashes ($ _SESSION [' name'])."' AND pass = ' ". addslashes ($ _SESSION [' pass']). " 'AND flag_enabled = '1' LIMIT 1 ")))$ logined = @ mysql_affected_rows (); ) / / Login through cookies. if ($ logined! == 1 & &! empty ($ _COOKIE [COOKIE_USER]) & &! empty ($ _COOKIE [COOKIE_PASS])) ( if (($ r = @ mysql_query ( "SELECT * FROM cp_users WHERE MD5 (name )='". addslashes ($ _COOKIE [COOKIE_USER ])."' AND pass = '". addslashes ($ _COOKIE [COOKIE_PASS]). " 'AND flag_enabled = '1' LIMIT 1 ")))$ logined = @ mysql_affected_rows (); ) / / Unable to login. if ($ logined! == 1) ( UnlockSessionAndDestroyAllCokies (); header ( 'Location:'. QUERY_STRING_BLANK. 'login'); die (); ) / / Get the user data. $ _USER_DATA = @ Mysql_fetch_assoc ($ r); if ($ _USER_DATA === false) die (mysql_error_ex ()); $ _SESSION [ 'Name'] = $ _USER_DATA [ 'name']; $ _SESSION [ 'Pass'] = $ _USER_DATA [ 'pass']; / / Connecting language. if (@ strlen ($ _USER_DATA [ 'language'])! = 2 | |! SafePath ($ _USER_DATA [ 'language']) | |! file_exists ( 'system / lng .'.$_ USER_DATA [' language '].' . php'))$_ USER_DATA [ 'language'] = DEFAULT_LANGUAGE; require_once ( 'system / lng .'.$_ USER_DATA [' language'].'. php '); UnlockSession ();

    Read the article

  • Serializing array in PHP, preventing injection

    - by Cyclone
    I'm writing a PHP script which uses serialized arrays to store data. How can I prevent injection in serialization? It would be very easy to name your account: something";s:6:"access";s:5:"admin"; for a simple example. The user could then add the rest of the needed parameters somehow. Would addslashes work for this? Does the php unserialize pick up on that as being an escaped character? If so, is it possible to apply addslashes to an entire array without iterating through? Thanks for the help!

    Read the article

  • Accettend letter and other graphic simbols PHP->JS

    - by Kreker
    I have to read a txt via file php. This file contains some normal so may contains this kind of symbols : € é ò à ° % etc I read the content in php with file_get_contents and transform these for inserenting in SQL database. $contFile = file_get_contents($pathFile); $testoCommento = htmlspecialchars($contFile,ENT_QUOTES); $testoCommento = addslashes($testoCommento); Now if I have this text for example : "l'attesa ?é cruciale fino a quando il topo non viene morso dall'?€" in the database I have this: l&#039;attesa è cruciale fino a quando il topo non veniene morso dall&#039;€ When I was GETTING the data from the database I use the php function for decode html entites $descrizione = htmlspecialchars_decode($risultato['descrizione'],ENT_QUOTES); $descrizione = addslashes($descrizione); Now I use jasvascript and AJAX for getting the table content and display to an HTML page In the browser instead of getting the correct text (€,è) I have square symbol. I think there is some mess with charset code/decode but never figured out. The SQL' table is in "utf8_unicode_ci" format and the column in "utf8_general_ci". The content-type of the page is <meta http-equiv="Content-Type" content="text/html; charset=utf-8" /> Thanks for help me!

    Read the article

  • wp+sql+image not goin in the folder

    - by happy
    this is my code for uploading image in database but image are going to the desird forlder...but when i m tryin to retrieve the images to diaplay,,they are not displayed..anyone help me...... $category=$_POST['category']; $uploadDir = 'D:/xampp/htdocs/js/wordpress/wp-content/plugins/img/imagess/ '; $fileName = $_FILES['Photo']['name']; $tmpName = $_FILES['Photo']['tmp_name']; $fileSize = $_FILES['Photo']['size']; $fileType = $_FILES['Photo']['type']; $filePath = $uploadDir . $fileName; $result = move_uploaded_file($tmpName,$filePath); if (!$result) { echo "Error uploading file"; exit; } if(!get_magic_quotes_gpc()) { $fileName = addslashes($fileName); $filePath = addslashes($filePath); } global $wpdb; //$insert=$wpdb->insert('images',array('image_name'=>$filePath,'cat_name'=>$category),array('%b','%s')); $insert=$wpdb->insert('images',array('image_name'=>$filePath,'cat_name'=>$category)); $wpdb->insert('categories',array('cat_name'=>$category)); echo "Successfully Submitted";

    Read the article

  • Escaping Strings in JavaScript

    - by Steve Harrison
    Hello, Does JavaScript have a built-in function like PHP's addslashes (or addcslashes) function to add backslashes to characters that need escaping in a string? For example, this: This is a demo string with 'single-quotes' and "double-quotes". ...would become: This is a demo string with \'single-quotes\' and \"double-quotes\". Thanks, Steve

    Read the article

  • Escaping escape Characters

    - by Alix Axel
    I'm trying to mimic the json_encode bitmask flags implemented in PHP 5.3.0, here is the string I have: $s = addslashes('O\'Rei"lly'); // O\'Rei\"lly Doing json_encode($str, JSON_HEX_APOS | JSON_HEX_QUOT) outputs the following: "O\\\u0027Rei\\\u0022lly" And I'm currently doing this in PHP versions older than 5.3.0: str_replace(array('\\"', "\\'"), array('\\u0022', '\\\u0027'), json_encode($s)) or str_replace(array('\\"', '\\\''), array('\\u0022', '\\\u0027'), json_encode($s)) Which correctly outputs the same result: "O\\\u0027Rei\\\u0022lly" I'm having trouble understanding why do I need to replace single quotes ('\\\'' or even "\\'" [surrounding quotes excluded]) with '\\\u0027' and not just '\\u0027'.

    Read the article

  • Could not log-in properly but shows no error in joomla

    - by saeha
    This is what I did, I added variables in \libraries\joomla\database\table\user.php: var $img_content= null; //contains the blob type data var $img_name = null; var $img_type = null; then I added this code in \components\com_user\controller.php: $file = JRequest::getVar( 'pic', '', 'files', 'array' ); if(isset($file['name'])) { jimport('joomla.filesystem.file'); $fileName = $file['name']; $tmpName = $file['tmp_name']; $fileSize = $file['size']; $fileType = $file['type']; $fp = fopen($tmpName, 'r'); $content = fread($fp, filesize($tmpName)); //$content = addslashes($content); fclose($fp); $user->set('img_name', $fileName); $user->set('img_type', $fileType); $user->set('img_content', $content); } that works fine, but I found this problem in logging in with the new user with an uploaded photo, other user with an empty img_content field could login properly. What happens is when I log-in using the user with uploaded photo, it's not redirecting properly it just return to log-in, but when i log-in through backend using other user which is super admin, i could see that user which appears as logged in. I started saving the images in the database because I am having problem with the directory when I have uploaded the site. I think the log-in was affected by the blob type data in the database. Could that be the problem? What could be the solution? -saeha

    Read the article

  • Magic quotes in PHP

    - by VirtuosiMedia
    According to the PHP manual, in order to make code more portable, they recommend using something like the following for escaping data: if (!get_magic_quotes_gpc()) { $lastname = addslashes($_POST['lastname']); } else { $lastname = $_POST['lastname']; } I have other validation checks that I will be performing, but how secure is the above strictly in terms of escaping data? I also saw that magic quotes will be deprecated in PHP 6. How will that affect the above code? I would prefer not to have to rely on a database-specific escaping function like mysql_real_escape_string().

    Read the article

  • Regex in MySql - replace between Tags including Tags

    - by user998163
    I have a text like: [lang_de]Content in German[/lang_de][lang_en]Content in English[/lang_en]. I want to replace all text between [lang_en] and [/lang_en] including the opening and closing language tag. This is my current regex: UPDATE wp_posts SET post_content = '" . addslashes(preg_replace("/[lang_en](.*)[\/lang_en]/", '', $row['post_content'])) . "' WHERE ID = " . $row['ID'] With this regex, I do not get a valid results. It also replaces in html tags and so on. What would be the correct regex?

    Read the article

facebook twitter digg google delicious technorati stumbleupon myspace wordpress linkedin gmail igoogle windows live tumblr viadeo yahoo buzz yahoo mail yahoo bookmarks favorites email print

1 2 3  | Next Page >