Wicked!
Thanks Beau - it's not quite there but it's better than errors and
timeouts all over the place!
I'll keep playing with it - thanks again!
Dave
-----Original Message-----
From: Beau Lebens [mailto:[EMAIL PROTECTED]]
Sent: 08 August 2001 08:28
To: Dave Watkinson; PHP-DB List (E-mail)
Subject: RE: [PHP-DB] Error checking and escaping before running a query
(MySQL)
Dave,
sounds like you are on the right track, but rather than use the
comparatively bulky regular expression engine, why not just the
light-weight
string function
str_replace( ",", " ", $searchbox );
(see "String Functions" in the manual)
and you should be able to do
str_replace( "\"", " ", $searchbox );
without violating any holy regex laws :)
// -----Original Message-----
// From: Dave Watkinson [mailto:[EMAIL PROTECTED]]
// Sent: Wednesday, 8 August 2001 3:18 PM
// To: PHP-DB List (E-mail)
// Subject: [PHP-DB] Error checking and escaping before running a query
// (MySQL)
//
//
// Hi all
//
// I have a searchbox that throws a wobbly when certain characters are
// entered into it - basically the user is supposed to enter a
// space-delimited list of words to search for, and then I
// create an array
// from it and turn it into an OR etc query.
//
// What I initially did was replace all commas with spaces, but I've
// realised that double-quotes mess it up too.
//
// The command I used for the spaces is
//
// $searchbox = ereg_replace(" ," ," ", $searchbox);
//
// I tried
//
// $searchbox = ereg_replace(" \"" ," ", $searchbox);
//
// but the page shows an error of
//
// Warning: REG_EPAREN: in
// d:\apache\htdocs\dev\code\can_search_quick.php on line 22
//
// there's a parse error if I don't escape the ", so what can I
// do? I know
// how to do it in VB!
//
// I searched PHP.net, but could only find an old bug report
// that advised
// escaping special characters!
//
// Help!
//
//
// Thanks in advance
//
//
// Dave
//
//
--
PHP Database Mailing List (http://www.php.net/)
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]
To contact the list administrators, e-mail: [EMAIL PROTECTED]