Thanks for the advice. I've changed the code to use mysql_real_escape_string.
So now it is
$name = mysql_real_escape_string($name);
preg_replace('/−/','-',$name);
but it's still not replacing the − string. I've also changed the field in
the database so that now it is using the collation utf8_general_ci. I've also
tried
preg_replace('/−/','-',$name);
$name = mysql_real_escape_string($name);
preg_replace('/−/','-',$name);
and that also did not work. Any ideas?
Michael
On Apr 18, 2010, at 1:08 PM, Michiel Sikma wrote:
> On 18 April 2010 16:46, Peter Lind <[email protected]> wrote:
>
>> On 18 April 2010 16:40, Phpster <[email protected]> wrote:
>>>
>>>
>>> On Apr 18, 2010, at 8:59 AM, Michael Stroh <[email protected]> wrote:
>>>
>>>> I have this form that people use to add entries into a MySQL database.
>>>> Recently I've had some users insert − in their entries instead of -
>> which is
>>>> causing some issues with scripts down the line. I'd like to replace the
>> −
>>>> character with -.
>>>>
>>>> Originally I had something like
>>>>
>>>> $name = mysql_escape_string($_POST["name"]);
>>>>
>>>> which would convert the offending character to − before entering
>> it
>>>> into the database. It's this encoding that is causing the problems since
>>>> some scripts send out emails with this entry in their subject line which
>>>> looks messy.
>>>>
>>>> I've tried adding the following line after the previous line to help fix
>>>> this issue, however, I just got another entry with the same problem.
>>>>
>>>> preg_replace('/−/','-',$name);
>>>>
>>>> Any suggestions on how others would fix this problem? I'd just like to
>> fix
>>>> it before the entry hits the database instead of creating fixes on the
>> other
>>>> end of things.
>>>>
>>>>
>>>> Cheers,
>>>> Michael
>>>> --
>>>> PHP General Mailing List (http://www.php.net/)
>>>> To unsubscribe, visit: http://www.php.net/unsub.php
>>>>
>>>
>>> One option is to send an HTML email which would have the email reader
>>> interpret that code correctly
>>>
>>> Bastien
>>
>> Another option would be to use mysql_real_escape_string and make sure
>> that your code and the database are using utf-8. Then when the email
>> is sent, make sure that uses utf-8 as well.
>>
>> Regards
>> Peter
>>
>>
> Make sure the database connection is also utf8:
>
> set names 'utf8';
>
> Typically, you should keep everything in utf8 unless you have a very good
> reason not to.
> And as Peter mentioned, the proper way to escape MySQL inserts (that is, if
> you're not already using a framework that does this competently) is
> mysql_real_escape_string().
>
> Michiel
--
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php
