Re: [PHP-DB] The variable $_SERVER['AUTH_USER'] gives domain\\username problem
On Fri, 1 Oct 2004 11:47:50 +1000, [EMAIL PROTECTED] <[EMAIL PROTECTED]> wrote: > I made the change but the domain\username now appears in my database as: > domainusername You probably have the magic quotes enabled. The manual page( http://www.php.net/manual/en/function.mysql-real-escape-string.php ) says something about it. It even provides a sample code for automatically handling the magic quotes setting (see the last code block). Do try the examples first, character escaping IS A confusing issue. ramil -- PHP Database Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
RE: [PHP-DB] The variable $_SERVER['AUTH_USER'] gives domain\\username problem
I made the change but the domain\username now appears in my database as: domainusername -Original Message- From: Ramil Sagum [mailto:[EMAIL PROTECTED] Sent: Friday, 1 October 2004 11:40 AM To: Baiocchi, Justin (CSIRO IT, Armidale) Cc: [EMAIL PROTECTED] Subject: Re: [PHP-DB] The variable $_SERVER['AUTH_USER'] gives domain\\username problem On Fri, 1 Oct 2004 11:32:29 +1000, [EMAIL PROTECTED] <[EMAIL PROTECTED]> wrote: > No, still no idea :) > $sql = "INSERT INTO aec SET date='$date', title='$title', > ident='$ident', id='$id'"; > mysql_query($sql); I feel good today :) so, $sql = "INSERT INTO aec SET date='$date', title='$title', ident='" . mysql_real_escape_string($ident) . "', id='$id'"; (After it works and everything is crystal clear, you might want to try validating the title, ident and id BEFORE using it in the query. ) HTH! ramil http://ramil.sagum.net -- PHP Database Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP-DB] The variable $_SERVER['AUTH_USER'] gives domain\\username problem
On Fri, 1 Oct 2004 11:32:29 +1000, [EMAIL PROTECTED] <[EMAIL PROTECTED]> wrote: > No, still no idea :) > $sql = "INSERT INTO aec SET date='$date', title='$title', > ident='$ident', id='$id'"; > mysql_query($sql); I feel good today :) so, $sql = "INSERT INTO aec SET date='$date', title='$title', ident='" . mysql_real_escape_string($ident) . "', id='$id'"; (After it works and everything is crystal clear, you might want to try validating the title, ident and id BEFORE using it in the query. ) HTH! ramil http://ramil.sagum.net -- PHP Database Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
RE: [PHP-DB] The variable $_SERVER['AUTH_USER'] gives domain\\username problem
No, still no idea :)
I did read the manual but I can't figure out how to use it in my script.
I'll paste the page below:
AEC Submission Title:
mailto:[EMAIL PROTECTED]
Sent: Friday, 1 October 2004 11:24 AM
To: [EMAIL PROTECTED]
Subject: Re: [PHP-DB] The variable $_SERVER['AUTH_USER'] gives
domain\\username problem
Thus wrote justin:
> Thanks Ramil,
>
> I knew it had something to do with the \, but I still can't figure out
> how to get the variable into the database without the extra '\'
> It is entered into the database via a form using the input below:
>
>
>
> Where would I use the mysql_real_escape_string ?
>From the manual:
"This function will escape special characters in the unescaped_string,
taking into account the current character set of the connection so
that it is safe to place it in a mysql_query(). "
an example from the manual:
$query = sprintf("SELECT * FROM users WHERE user='%s' AND
password='%s'",
mysql_real_escape_string($user),
mysql_real_escape_string($password));
mysql_query($query);
I hope this is enough :)
ramil
http://ramil.sagum.net
--
PHP Database Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php
--
PHP Database Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP-DB] The variable $_SERVER['AUTH_USER'] gives domain\\username problem
Thus wrote justin:
> Thanks Ramil,
>
> I knew it had something to do with the \, but I still can't figure out
> how to get the variable into the database without the extra '\'
> It is entered into the database via a form using the input below:
>
>
>
> Where would I use the mysql_real_escape_string ?
>From the manual:
"This function will escape special characters in the unescaped_string,
taking into account the current character set of the connection so
that it is safe to place it in a mysql_query(). "
an example from the manual:
$query = sprintf("SELECT * FROM users WHERE user='%s' AND password='%s'",
mysql_real_escape_string($user),
mysql_real_escape_string($password));
mysql_query($query);
I hope this is enough :)
ramil
http://ramil.sagum.net
--
PHP Database Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php
RE: [PHP-DB] The variable $_SERVER['AUTH_USER'] gives domain\\username problem
Thanks Ramil,
I knew it had something to do with the \, but I still can't figure out
how to get the variable into the database without the extra '\'
It is entered into the database via a form using the input below:
Where would I use the mysql_real_escape_string ?
Thanks
Justin
-Original Message-
From: Ramil Sagum [mailto:[EMAIL PROTECTED]
Sent: Friday, 1 October 2004 10:46 AM
To: Baiocchi, Justin (CSIRO IT, Armidale)
Cc: [EMAIL PROTECTED]
Subject: Re: [PHP-DB] The variable $_SERVER['AUTH_USER'] gives
domain\\username problem
On Fri, 1 Oct 2004 10:27:45 +1000, [EMAIL PROTECTED]
<[EMAIL PROTECTED]> wrote:
> Hi,
>
> When I use the variable $_SERVER['AUTH_USER'] it comes out as
> domain\\username when inserted into the MySQL database. So when I try
to
> update the record looking for a match as below it doesn't work because
> the query is looking for where ident=domain\username.
>
> $result = mysql_query("UPDATE aec SET filename='$filename' WHERE
> ident='".$_SERVER['AUTH_USER']."'") or die (mysql_error());
>
> Anybody know what I am doing wrong?
In MySQL, \ is an escape character. \\ stands for an actual \.
for details, just click the link and read on
http://www.php.net/manual/en/function.mysql-real-escape-string.php
ramil
http://ramil.sagum.net
--
PHP Database Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP-DB] The variable $_SERVER['AUTH_USER'] gives domain\\username problem
On Fri, 1 Oct 2004 10:27:45 +1000, [EMAIL PROTECTED]
<[EMAIL PROTECTED]> wrote:
> Hi,
>
> When I use the variable $_SERVER['AUTH_USER'] it comes out as
> domain\\username when inserted into the MySQL database. So when I try to
> update the record looking for a match as below it doesn't work because
> the query is looking for where ident=domain\username.
>
> $result = mysql_query("UPDATE aec SET filename='$filename' WHERE
> ident='".$_SERVER['AUTH_USER']."'") or die (mysql_error());
>
> Anybody know what I am doing wrong?
In MySQL, \ is an escape character. \\ stands for an actual \.
for details, just click the link and read on
http://www.php.net/manual/en/function.mysql-real-escape-string.php
ramil
http://ramil.sagum.net
--
PHP Database Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php
