Re: [PHP-DB] The variable $_SERVER['AUTH_USER'] gives domain\\username problem
On Fri, 1 Oct 2004 11:47:50 +1000, [EMAIL PROTECTED] <[EMAIL PROTECTED]> wrote: > I made the change but the domain\username now appears in my database as: > domainusername You probably have the magic quotes enabled. The manual page( http://www.php.net/manual/en/function.mysql-real-escape-string.php ) says something about it. It even provides a sample code for automatically handling the magic quotes setting (see the last code block). Do try the examples first, character escaping IS A confusing issue. ramil -- PHP Database Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
RE: [PHP-DB] The variable $_SERVER['AUTH_USER'] gives domain\\username problem
I made the change but the domain\username now appears in my database as: domainusername -Original Message- From: Ramil Sagum [mailto:[EMAIL PROTECTED] Sent: Friday, 1 October 2004 11:40 AM To: Baiocchi, Justin (CSIRO IT, Armidale) Cc: [EMAIL PROTECTED] Subject: Re: [PHP-DB] The variable $_SERVER['AUTH_USER'] gives domain\\username problem On Fri, 1 Oct 2004 11:32:29 +1000, [EMAIL PROTECTED] <[EMAIL PROTECTED]> wrote: > No, still no idea :) > $sql = "INSERT INTO aec SET date='$date', title='$title', > ident='$ident', id='$id'"; > mysql_query($sql); I feel good today :) so, $sql = "INSERT INTO aec SET date='$date', title='$title', ident='" . mysql_real_escape_string($ident) . "', id='$id'"; (After it works and everything is crystal clear, you might want to try validating the title, ident and id BEFORE using it in the query. ) HTH! ramil http://ramil.sagum.net -- PHP Database Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP-DB] The variable $_SERVER['AUTH_USER'] gives domain\\username problem
On Fri, 1 Oct 2004 11:32:29 +1000, [EMAIL PROTECTED] <[EMAIL PROTECTED]> wrote: > No, still no idea :) > $sql = "INSERT INTO aec SET date='$date', title='$title', > ident='$ident', id='$id'"; > mysql_query($sql); I feel good today :) so, $sql = "INSERT INTO aec SET date='$date', title='$title', ident='" . mysql_real_escape_string($ident) . "', id='$id'"; (After it works and everything is crystal clear, you might want to try validating the title, ident and id BEFORE using it in the query. ) HTH! ramil http://ramil.sagum.net -- PHP Database Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
RE: [PHP-DB] The variable $_SERVER['AUTH_USER'] gives domain\\username problem
No, still no idea :) I did read the manual but I can't figure out how to use it in my script. I'll paste the page below: AEC Submission Title: mailto:[EMAIL PROTECTED] Sent: Friday, 1 October 2004 11:24 AM To: [EMAIL PROTECTED] Subject: Re: [PHP-DB] The variable $_SERVER['AUTH_USER'] gives domain\\username problem Thus wrote justin: > Thanks Ramil, > > I knew it had something to do with the \, but I still can't figure out > how to get the variable into the database without the extra '\' > It is entered into the database via a form using the input below: > > > > Where would I use the mysql_real_escape_string ? >From the manual: "This function will escape special characters in the unescaped_string, taking into account the current character set of the connection so that it is safe to place it in a mysql_query(). " an example from the manual: $query = sprintf("SELECT * FROM users WHERE user='%s' AND password='%s'", mysql_real_escape_string($user), mysql_real_escape_string($password)); mysql_query($query); I hope this is enough :) ramil http://ramil.sagum.net -- PHP Database Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php -- PHP Database Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP-DB] The variable $_SERVER['AUTH_USER'] gives domain\\username problem
Thus wrote justin: > Thanks Ramil, > > I knew it had something to do with the \, but I still can't figure out > how to get the variable into the database without the extra '\' > It is entered into the database via a form using the input below: > > > > Where would I use the mysql_real_escape_string ? >From the manual: "This function will escape special characters in the unescaped_string, taking into account the current character set of the connection so that it is safe to place it in a mysql_query(). " an example from the manual: $query = sprintf("SELECT * FROM users WHERE user='%s' AND password='%s'", mysql_real_escape_string($user), mysql_real_escape_string($password)); mysql_query($query); I hope this is enough :) ramil http://ramil.sagum.net -- PHP Database Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
RE: [PHP-DB] The variable $_SERVER['AUTH_USER'] gives domain\\username problem
Thanks Ramil, I knew it had something to do with the \, but I still can't figure out how to get the variable into the database without the extra '\' It is entered into the database via a form using the input below: Where would I use the mysql_real_escape_string ? Thanks Justin -Original Message- From: Ramil Sagum [mailto:[EMAIL PROTECTED] Sent: Friday, 1 October 2004 10:46 AM To: Baiocchi, Justin (CSIRO IT, Armidale) Cc: [EMAIL PROTECTED] Subject: Re: [PHP-DB] The variable $_SERVER['AUTH_USER'] gives domain\\username problem On Fri, 1 Oct 2004 10:27:45 +1000, [EMAIL PROTECTED] <[EMAIL PROTECTED]> wrote: > Hi, > > When I use the variable $_SERVER['AUTH_USER'] it comes out as > domain\\username when inserted into the MySQL database. So when I try to > update the record looking for a match as below it doesn't work because > the query is looking for where ident=domain\username. > > $result = mysql_query("UPDATE aec SET filename='$filename' WHERE > ident='".$_SERVER['AUTH_USER']."'") or die (mysql_error()); > > Anybody know what I am doing wrong? In MySQL, \ is an escape character. \\ stands for an actual \. for details, just click the link and read on http://www.php.net/manual/en/function.mysql-real-escape-string.php ramil http://ramil.sagum.net -- PHP Database Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP-DB] The variable $_SERVER['AUTH_USER'] gives domain\\username problem
On Fri, 1 Oct 2004 10:27:45 +1000, [EMAIL PROTECTED] <[EMAIL PROTECTED]> wrote: > Hi, > > When I use the variable $_SERVER['AUTH_USER'] it comes out as > domain\\username when inserted into the MySQL database. So when I try to > update the record looking for a match as below it doesn't work because > the query is looking for where ident=domain\username. > > $result = mysql_query("UPDATE aec SET filename='$filename' WHERE > ident='".$_SERVER['AUTH_USER']."'") or die (mysql_error()); > > Anybody know what I am doing wrong? In MySQL, \ is an escape character. \\ stands for an actual \. for details, just click the link and read on http://www.php.net/manual/en/function.mysql-real-escape-string.php ramil http://ramil.sagum.net -- PHP Database Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php