James Arthur wrote:
> Hi
> I need a user to be able to enter submit HTML code (also perhaps containing
> PHP code) via a web form, which will then be entered into a database.
> The data is typed in to a textarea, which is then posted to my script. I
> notice that some special characters come out of this process escaped, but the
> escaping sequence does not appear to be entirely compatible with the SQL
> query I'm using to insert it into a table.
> Can anyone tell me the correct way to convert the output from the form into a
> format that PostgreSQL will accept, and then how to convert it back so that
> it's identical to what the user entered before being escaped by post (so that
> I can just use print to print it out)?

If you really need to store and retrive amounts of data of arbitrary
size, you need to use large object fields (LOBs). The usage of this type
of fields varies a lot with the type of database that you are using.

You may want to try Metabase which is a database abstraction package
that provides a database independent API to let you access to
information stored in SQL databases. One of the aspects that Metabase
handles for you with a single set of functions that does not depend on
the database is creating, storing and retrieving data from tables with
large object fields (LOBs).

Take a look here, where you will find Metabase classes and also
comprehensive reference documentation and a tutorial that not only tells
you how to use Metabase capabilities, but also provides a good
introduction to Large Object fields among other not so trivial to use
database features, like transactions, prepared queries, etc...


Manuel Lemos

PHP General Mailing List (http://www.php.net/)
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]
To contact the list administrators, e-mail: [EMAIL PROTECTED]

Reply via email to