Re: [PHP-DB] Passing form values with quotes, to itself
Hi - I actually got this to work for me - if you remember, I wasn't having problems writing values w/ double or single quotes to the database - it was passing the form values from page to page, inside text boxes, etc. What I had to do was use: Then if a user editted a field, clicked a button to preview it, editted it again, previewed it again, etc. 10 times before they saved it to the db, they wouldn't get slashes before single and double quotes. What we do for end-users -- Faye Keesic Computer Programmer Analyst/Web Page Design > From: "Peter Lovatt" <[EMAIL PROTECTED]> > Date: Thu, 14 Feb 2002 21:50:25 - > To: "Jim Lucas [php]" <[EMAIL PROTECTED]>, "William Fong" > <[EMAIL PROTECTED]>, <[EMAIL PROTECTED]> > Subject: RE: [PHP-DB] Passing form values with quotes, to itself > > Hi > > I spent ages trying to get it to work. Echoing the " always closes the text > area in an input box, so any data after the quotes isn't displayed. Its > fundamental to the HTML, so adding slashes is irrelevant. > > What I did in the end was to swap double quotes " for two single quotes '' > using ereg_replace. It looks a little odd sometimes, but it works. You swap > it back again when you insert or update the data and addslashes to make sure > it inserts safely. > > Not sure if there are more elegant answers > > email me offlist if you would like the code > > HTH > > Peter > > --- > Excellence in internet and open source software > --- > Sunmaia > www.sunmaia.net > [EMAIL PROTECTED] > tel. 0121-242-1473 > --------------- > >> -----Original Message- >> From: Jim Lucas [php] [mailto:[EMAIL PROTECTED]] >> Sent: 14 February 2002 18:34 >> To: William Fong; [EMAIL PROTECTED] >> Subject: Re: [PHP-DB] Passing form values with quotes, to itself >> >> >> it is called magic quotes and it can be enabled through the php.ini file. >> >> Jim Lucas >> - Original Message - >> From: "William Fong" <[EMAIL PROTECTED]> >> To: <[EMAIL PROTECTED]> >> Sent: Wednesday, February 13, 2002 10:36 AM >> Subject: Re: [PHP-DB] Passing form values with quotes, to itself >> >> >>> Doesn't PHP have something that will automatically do this? I can't >>> remember, but I think you had to enable it in php.ini or when >> you compile. >>> >>> (just like to know for future reference). >>> >>> thx. >>> >>> -w >>> >>> -- >>> William Fong - [EMAIL PROTECTED] >>> Phone: 626.968.6424 x210 | Fax: 626.968.6877 >>> Wireless #: 805.490.7732| Wireless E-mail: >> [EMAIL PROTECTED] >>> >>> >>> >>> >>> - Original Message - >>> From: "David Fudge" <[EMAIL PROTECTED]> >>> To: <[EMAIL PROTECTED]> >>> Sent: Wednesday, February 13, 2002 10:12 AM >>> Subject: Re: [PHP-DB] Passing form values with quotes, to itself >>> >>> >>> : before you submit to the db, you have to escape the quotes like this: >>> : >>> : $Body = addslashes($Body); >>> : all " " will show up as \" \" >>> : and ' ' will be \' \' >>> : >>> : when you pull the info from the db, you'll have to use >> "stripslashes()" >> to >>> : remove those you put in. >>> : $Body = stripslashes($Body_from_db); >>> : >>> : - Original Message - >>> : From: "Faye Keesic" <[EMAIL PROTECTED]> >>> : To: <[EMAIL PROTECTED]> >>> : Sent: Wednesday, February 13, 2002 1:02 PM >>> : Subject: [PHP-DB] Passing form values with quotes, to itself >>> : >>> : >>> : > Hi there. >>> : > >>> : > I have a form that contains several fields w/ text info >> (which may or >>> may >>> : > not contain single and double quotes). >>> : > >>> : > When the user clicks Preview, the form's action is set to >> call itself >>> : > ($PHP_SELF), and the info is displayed nicely so they can read it >> over, >>> : and >>> : > verify it before saving to the db. >>> : > >>> : > What I'm having problems with is that when the data has quotes, the >> text >>> : > data cuts off. >>> : >
RE: [PHP-DB] Passing form values with quotes, to itself
Hi I spent ages trying to get it to work. Echoing the " always closes the text area in an input box, so any data after the quotes isn't displayed. Its fundamental to the HTML, so adding slashes is irrelevant. What I did in the end was to swap double quotes " for two single quotes '' using ereg_replace. It looks a little odd sometimes, but it works. You swap it back again when you insert or update the data and addslashes to make sure it inserts safely. Not sure if there are more elegant answers email me offlist if you would like the code HTH Peter --- Excellence in internet and open source software --- Sunmaia www.sunmaia.net [EMAIL PROTECTED] tel. 0121-242-1473 --- > -Original Message- > From: Jim Lucas [php] [mailto:[EMAIL PROTECTED]] > Sent: 14 February 2002 18:34 > To: William Fong; [EMAIL PROTECTED] > Subject: Re: [PHP-DB] Passing form values with quotes, to itself > > > it is called magic quotes and it can be enabled through the php.ini file. > > Jim Lucas > - Original Message - > From: "William Fong" <[EMAIL PROTECTED]> > To: <[EMAIL PROTECTED]> > Sent: Wednesday, February 13, 2002 10:36 AM > Subject: Re: [PHP-DB] Passing form values with quotes, to itself > > > > Doesn't PHP have something that will automatically do this? I can't > > remember, but I think you had to enable it in php.ini or when > you compile. > > > > (just like to know for future reference). > > > > thx. > > > > -w > > > > -- > > William Fong - [EMAIL PROTECTED] > > Phone: 626.968.6424 x210 | Fax: 626.968.6877 > > Wireless #: 805.490.7732| Wireless E-mail: > [EMAIL PROTECTED] > > > > > > > > > > - Original Message - > > From: "David Fudge" <[EMAIL PROTECTED]> > > To: <[EMAIL PROTECTED]> > > Sent: Wednesday, February 13, 2002 10:12 AM > > Subject: Re: [PHP-DB] Passing form values with quotes, to itself > > > > > > : before you submit to the db, you have to escape the quotes like this: > > : > > : $Body = addslashes($Body); > > : all " " will show up as \" \" > > : and ' ' will be \' \' > > : > > : when you pull the info from the db, you'll have to use > "stripslashes()" > to > > : remove those you put in. > > : $Body = stripslashes($Body_from_db); > > : > > : - Original Message - > > : From: "Faye Keesic" <[EMAIL PROTECTED]> > > : To: <[EMAIL PROTECTED]> > > : Sent: Wednesday, February 13, 2002 1:02 PM > > : Subject: [PHP-DB] Passing form values with quotes, to itself > > : > > : > > : > Hi there. > > : > > > : > I have a form that contains several fields w/ text info > (which may or > > may > > : > not contain single and double quotes). > > : > > > : > When the user clicks Preview, the form's action is set to > call itself > > : > ($PHP_SELF), and the info is displayed nicely so they can read it > over, > > : and > > : > verify it before saving to the db. > > : > > > : > What I'm having problems with is that when the data has quotes, the > text > > : > data cuts off. > > : > > > : > If I use: > > : > then double quotes are cut off. > > : > > > : > If I use: > > : > then single quotes are cut off. > > : > > > : > I want nothing cut off! I've tried addslashes()..still cuts off. > > : > > > : > I hope that all made sense... > > : > -- > > : > Faye > > : > > > : > > > : > -- > > : > PHP Database Mailing List (http://www.php.net/) > > : > To unsubscribe, visit: http://www.php.net/unsub.php > > : > > > : > > : > > : -- > > : PHP Database Mailing List (http://www.php.net/) > > : To unsubscribe, visit: http://www.php.net/unsub.php > > : > > > > > > > > -- > > PHP Database Mailing List (http://www.php.net/) > > To unsubscribe, visit: http://www.php.net/unsub.php > > > > > > > -- > PHP Database Mailing List (http://www.php.net/) > To unsubscribe, visit: http://www.php.net/unsub.php -- PHP Database Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP-DB] Passing form values with quotes, to itself
it is called magic quotes and it can be enabled through the php.ini file. Jim Lucas - Original Message - From: "William Fong" <[EMAIL PROTECTED]> To: <[EMAIL PROTECTED]> Sent: Wednesday, February 13, 2002 10:36 AM Subject: Re: [PHP-DB] Passing form values with quotes, to itself > Doesn't PHP have something that will automatically do this? I can't > remember, but I think you had to enable it in php.ini or when you compile. > > (just like to know for future reference). > > thx. > > -w > > -- > William Fong - [EMAIL PROTECTED] > Phone: 626.968.6424 x210 | Fax: 626.968.6877 > Wireless #: 805.490.7732| Wireless E-mail: [EMAIL PROTECTED] > > > > > - Original Message - > From: "David Fudge" <[EMAIL PROTECTED]> > To: <[EMAIL PROTECTED]> > Sent: Wednesday, February 13, 2002 10:12 AM > Subject: Re: [PHP-DB] Passing form values with quotes, to itself > > > : before you submit to the db, you have to escape the quotes like this: > : > : $Body = addslashes($Body); > : all " " will show up as \" \" > : and ' ' will be \' \' > : > : when you pull the info from the db, you'll have to use "stripslashes()" to > : remove those you put in. > : $Body = stripslashes($Body_from_db); > : > : - Original Message - > : From: "Faye Keesic" <[EMAIL PROTECTED]> > : To: <[EMAIL PROTECTED]> > : Sent: Wednesday, February 13, 2002 1:02 PM > : Subject: [PHP-DB] Passing form values with quotes, to itself > : > : > : > Hi there. > : > > : > I have a form that contains several fields w/ text info (which may or > may > : > not contain single and double quotes). > : > > : > When the user clicks Preview, the form's action is set to call itself > : > ($PHP_SELF), and the info is displayed nicely so they can read it over, > : and > : > verify it before saving to the db. > : > > : > What I'm having problems with is that when the data has quotes, the text > : > data cuts off. > : > > : > If I use: > : > then double quotes are cut off. > : > > : > If I use: > : > then single quotes are cut off. > : > > : > I want nothing cut off! I've tried addslashes()..still cuts off. > : > > : > I hope that all made sense... > : > -- > : > Faye > : > > : > > : > -- > : > PHP Database Mailing List (http://www.php.net/) > : > To unsubscribe, visit: http://www.php.net/unsub.php > : > > : > : > : -- > : PHP Database Mailing List (http://www.php.net/) > : To unsubscribe, visit: http://www.php.net/unsub.php > : > > > > -- > PHP Database Mailing List (http://www.php.net/) > To unsubscribe, visit: http://www.php.net/unsub.php > > -- PHP Database Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP-DB] Passing form values with quotes, to itself
Doesn't PHP have something that will automatically do this? I can't remember, but I think you had to enable it in php.ini or when you compile. (just like to know for future reference). thx. -w -- William Fong - [EMAIL PROTECTED] Phone: 626.968.6424 x210 | Fax: 626.968.6877 Wireless #: 805.490.7732| Wireless E-mail: [EMAIL PROTECTED] - Original Message - From: "David Fudge" <[EMAIL PROTECTED]> To: <[EMAIL PROTECTED]> Sent: Wednesday, February 13, 2002 10:12 AM Subject: Re: [PHP-DB] Passing form values with quotes, to itself : before you submit to the db, you have to escape the quotes like this: : : $Body = addslashes($Body); : all " " will show up as \" \" : and ' ' will be \' \' : : when you pull the info from the db, you'll have to use "stripslashes()" to : remove those you put in. : $Body = stripslashes($Body_from_db); : : - Original Message - : From: "Faye Keesic" <[EMAIL PROTECTED]> : To: <[EMAIL PROTECTED]> : Sent: Wednesday, February 13, 2002 1:02 PM : Subject: [PHP-DB] Passing form values with quotes, to itself : : : > Hi there. : > : > I have a form that contains several fields w/ text info (which may or may : > not contain single and double quotes). : > : > When the user clicks Preview, the form's action is set to call itself : > ($PHP_SELF), and the info is displayed nicely so they can read it over, : and : > verify it before saving to the db. : > : > What I'm having problems with is that when the data has quotes, the text : > data cuts off. : > : > If I use: : > then double quotes are cut off. : > : > If I use: : > then single quotes are cut off. : > : > I want nothing cut off! I've tried addslashes()..still cuts off. : > : > I hope that all made sense... : > -- : > Faye : > : > : > -- : > PHP Database Mailing List (http://www.php.net/) : > To unsubscribe, visit: http://www.php.net/unsub.php : > : : : -- : PHP Database Mailing List (http://www.php.net/) : To unsubscribe, visit: http://www.php.net/unsub.php : -- PHP Database Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP-DB] Passing form values with quotes, to itself
it will still cut off with the double quots. if you have a double quote inside of a double quoted value property This will still break. it does care if they are escaped. Jim Lucas - Original Message - From: "David Fudge" <[EMAIL PROTECTED]> To: <[EMAIL PROTECTED]> Sent: Wednesday, February 13, 2002 10:12 AM Subject: Re: [PHP-DB] Passing form values with quotes, to itself > before you submit to the db, you have to escape the quotes like this: > > $Body = addslashes($Body); > all " " will show up as \" \" > and ' ' will be \' \' > > when you pull the info from the db, you'll have to use "stripslashes()" to > remove those you put in. > $Body = stripslashes($Body_from_db); > > - Original Message - > From: "Faye Keesic" <[EMAIL PROTECTED]> > To: <[EMAIL PROTECTED]> > Sent: Wednesday, February 13, 2002 1:02 PM > Subject: [PHP-DB] Passing form values with quotes, to itself > > > > Hi there. > > > > I have a form that contains several fields w/ text info (which may or may > > not contain single and double quotes). > > > > When the user clicks Preview, the form's action is set to call itself > > ($PHP_SELF), and the info is displayed nicely so they can read it over, > and > > verify it before saving to the db. > > > > What I'm having problems with is that when the data has quotes, the text > > data cuts off. > > > > If I use: > > then double quotes are cut off. > > > > If I use: > > then single quotes are cut off. > > > > I want nothing cut off! I've tried addslashes()..still cuts off. > > > > I hope that all made sense... > > -- > > Faye > > > > > > -- > > PHP Database Mailing List (http://www.php.net/) > > To unsubscribe, visit: http://www.php.net/unsub.php > > > > > -- > PHP Database Mailing List (http://www.php.net/) > To unsubscribe, visit: http://www.php.net/unsub.php > > -- PHP Database Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP-DB] Passing form values with quotes, to itself
Try this. That should to the job. Jim Lucas - Original Message - From: "Faye Keesic" <[EMAIL PROTECTED]> To: <[EMAIL PROTECTED]> Sent: Wednesday, February 13, 2002 10:02 AM Subject: [PHP-DB] Passing form values with quotes, to itself > Hi there. > > I have a form that contains several fields w/ text info (which may or may > not contain single and double quotes). > > When the user clicks Preview, the form's action is set to call itself > ($PHP_SELF), and the info is displayed nicely so they can read it over, and > verify it before saving to the db. > > What I'm having problems with is that when the data has quotes, the text > data cuts off. > > If I use: > then double quotes are cut off. > > If I use: > then single quotes are cut off. > > I want nothing cut off! I've tried addslashes()..still cuts off. > > I hope that all made sense... > -- > Faye > > > -- > PHP Database Mailing List (http://www.php.net/) > To unsubscribe, visit: http://www.php.net/unsub.php > > -- PHP Database Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
RE: [PHP-DB] Passing form values with quotes, to itself
try: "> Also, please include a sample field value and the results of our tests -Original Message- From: Faye Keesic [mailto:[EMAIL PROTECTED]] Sent: Wednesday, February 13, 2002 12:03 PM To: [EMAIL PROTECTED] Subject: [PHP-DB] Passing form values with quotes, to itself Hi there. I have a form that contains several fields w/ text info (which may or may not contain single and double quotes). When the user clicks Preview, the form's action is set to call itself ($PHP_SELF), and the info is displayed nicely so they can read it over, and verify it before saving to the db. What I'm having problems with is that when the data has quotes, the text data cuts off. If I use: then double quotes are cut off. If I use: then single quotes are cut off. I want nothing cut off! I've tried addslashes()..still cuts off. I hope that all made sense... -- Faye -- PHP Database Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php -- PHP Database Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP-DB] Passing form values with quotes, to itself
before you submit to the db, you have to escape the quotes like this: $Body = addslashes($Body); all " " will show up as \" \" and ' ' will be \' \' when you pull the info from the db, you'll have to use "stripslashes()" to remove those you put in. $Body = stripslashes($Body_from_db); - Original Message - From: "Faye Keesic" <[EMAIL PROTECTED]> To: <[EMAIL PROTECTED]> Sent: Wednesday, February 13, 2002 1:02 PM Subject: [PHP-DB] Passing form values with quotes, to itself > Hi there. > > I have a form that contains several fields w/ text info (which may or may > not contain single and double quotes). > > When the user clicks Preview, the form's action is set to call itself > ($PHP_SELF), and the info is displayed nicely so they can read it over, and > verify it before saving to the db. > > What I'm having problems with is that when the data has quotes, the text > data cuts off. > > If I use: > then double quotes are cut off. > > If I use: > then single quotes are cut off. > > I want nothing cut off! I've tried addslashes()..still cuts off. > > I hope that all made sense... > -- > Faye > > > -- > PHP Database Mailing List (http://www.php.net/) > To unsubscribe, visit: http://www.php.net/unsub.php > -- PHP Database Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php