Tom: [PHP] magic quotes
Tom,
Sorry for the delay. I have tried your code.
SELECT id,AU,ST,BT,AT FROM ccl_main WHERE MATCH
(TNum,YR,AU,ST,SD,BT,BC,AT,PL,PR,PG,LG,AUS,KW,GEO,AN,RB,CO) AGAINST ('ready maria '
IN BOOLEAN MODE)
ORDER BY id asc
Without the space, as with addslashes, MySQL won't compute the sql.
This is the echo $sql. There is an extra space before the final single quote.
Nonetheless,
$sql = 'SELECT id,AU,ST,BT,AT FROM '.$table.' WHERE MATCH
(TNum,YR,AU,ST,SD,BT,BC,AT,PL,PR,PG,LG,AUS,KW,GEO,AN,RB,CO) AGAINST
(\''.clean_search_string($search).'\' IN BOOLEAN MODE) ORDER BY id asc';
MySQL still thinks it is receiving A boolean +ready and + maria
http://ccl.flsh.usherb.ca/print/index.html
I'm just dumbfounded.
Tom Rogers wrote:
Hi,
Thursday, December 5, 2002, 3:39:20 AM, you wrote:
JTJ What are magic quotes? Will this help me?
JTJ http://news.php.net/article.php?group=php.generalarticle=126934
JTJ How is this different from stripslashes.
JTJ I have RTF doc :)
JTJ http://www.php.net/manual/en/function.get-magic-quotes-gpc.php
JTJ Be gentil ::p
JTJ --
JTJ John Taylor-Johnston
JTJ -
JTJ If it's not open-source, it's Murphy's Law.
JTJ- Université de Sherbrooke:
JTJ http://compcanlit.ca/
magic quotes are slashes that are added to post and get data by PHP
That is probably what is stuffing up :)
I replied to an earlier thread with a possible solution but here it is again...
function clean_search_string($s){
$s = stripslashes($s);
$state = 'S';
$len = strlen($s);
$out = '';
$list = array();
for($i=0;$i$len;$i++){
switch($state){
case 'S':
switch($s[$i]){
case ' ':
break;
case '':
$state = 'Q';
break;
case ':
$state = 'q';
break;
default:
$state = 'W';
$out .= $s[$i];
break;
}
break;
case 'W':
switch($s[$i]){
case ' ':
$state = 'S';
$out = addslashes($out);
$list[] = $out;
$out = '';
break;
default:
$out .= $s[$i];
break;
}
break;
case 'Q':
switch($s[$i]){
case '':
$state = 'S';
$out = ''.addslashes($out).'';
$list[] = $out;
$out = '';
break;
default:
$out .= $s[$i];
break;
}
break;
case 'q':
switch($s[$i]){
case ':
$state = 'S';
$out = ''.addslashes($out).'';
$list[] = $out;
$out = '';
break;
default:
$out .= $s[$i];
break;
}
break;
}
}
if(!empty($out)) $list[] = addslashes($out);;
$r = '';
$x = 0;
while(list($key,$val)=each($list)){
$r .= $val.' ';
}
return $r;
}
$test = addslashes(' +test hello maria fish '.-O'Brian 'big \ test');
$list = clean_search_string($test);
echo $list.'br';
you will then just need SELECT.. AGAINST '$list'
--
Re: Tom: [PHP] magic quotes
Hi,
Thursday, December 5, 2002, 7:11:20 AM, you wrote:
JTJ Tom,
JTJ Sorry for the delay. I have tried your code.
JTJ SELECT id,AU,ST,BT,AT FROM ccl_main WHERE MATCH
JTJ (TNum,YR,AU,ST,SD,BT,BC,AT,PL,PR,PG,LG,AUS,KW,GEO,AN,RB,CO) AGAINST ('ready
maria ' IN BOOLEAN MODE)
JTJ ORDER BY id asc
JTJ Without the space, as with addslashes, MySQL won't compute the sql.
JTJ This is the echo $sql. There is an extra space before the final single quote.
Nonetheless,
JTJ $sql = 'SELECT id,AU,ST,BT,AT FROM '.$table.' WHERE MATCH
(TNum,YR,AU,ST,SD,BT,BC,AT,PL,PR,PG,LG,AUS,KW,GEO,AN,RB,CO) AGAINST
(\''.clean_search_string($search).'\' IN BOOLEAN MODE) ORDER BY id
JTJ asc';
JTJ MySQL still thinks it is receiving A boolean +ready and + maria
JTJ http://ccl.flsh.usherb.ca/print/index.html
JTJ I'm just dumbfounded.
H a puzzler
add this to the end of the function to clean up that extra space:
$r = substr($r,0,strlen($r)-1);
return $r;
--
regards,
Tom
--
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php
