Hi,
I've sent a few emails thus far regarding adding apostrophe's through a PHP
script form into a MySQL database. The responses I received indicated to
me that I needed to get my hosting company to activate magic_quotes_gpc.
After several days of talking with what seems to be the sole tech support
person left at my hosting company - I was told that the magic_quotes_gpc
variable is not supported by them.
Sooo ... this leaves me in a rather awkward situation. I need to have a
basic content management system up and running in the extremely near future
that will be utilized by a great number of individuals. If when an
apostrophe is entered - all the information entered through the form is
rejected by the database - the entire endeavour suddenly becomes rather
useless.
I know that if I enter a \ before any apostrophe's in the form, it all
works well ... but I highly doubt that the large number of volunteer's
we're going to be working with here will take the time to add them, or even
remember 5 minutes after I tell them.
Does anyone have any possible solutions for this problem? I'll include the
portion of code that seems to be causing the problems now ...
I'm already using the addslashes() command and it is not working ... I'm
desperate at this point ...
Again, the following works flawlessly on my local test machine running
Apache 1.3.23 and PHP 4.1.1 with MySQL 3.23.39 but not at all on my web
host running Apache 1.3.12 and PHP 3.0.16 with MySQL 3.22.32
Thanks in advance,
-Tim
<?php
$db = mysql_connect("localhost", "xxxx", "xxxx");
mysql_select_db("edoinfo",$db);
if ($submit) {
// here if no ID then adding else we're editing
if ($id) {
$sql = "UPDATE ai_data SET
section='$section',subsection='$subsection',heading='$heading',title='$title',info='$info',entry=NOW()
WHERE id=$id";
} else {
$sql = "INSERT INTO ai_data
(section,subsection,heading,title,info,entry) VALUES
('$section','$subsection','$heading','$title','$info',NOW())";
}
// run SQL against the DB
$result = mysql_query($sql);
echo "Record updated/edited!<p>";
echo "<a href='add_info.php' class='comcal'>ADD A RECORD</a>";
} elseif ($delete) {
// delete a record
$sql = "DELETE FROM ai_data WHERE id=$id";
$result = mysql_query($sql);
echo "$sql Record deleted!<p>";
echo "<a href='add_info.php' class='comcal'>ADD A RECORD</a>";
} else {
// this part happens if we don't press submit
if (!$id) {
// print the list if there is not editing
$result = mysql_query("SELECT * FROM ai_data",$db);
while ($myrow = mysql_fetch_array($result)) {
printf("<a href=\"%s?id=%s\" class='comcal'>%s</a> \n", $PHP_SELF,
$myrow["id"], $myrow["title"]);
printf("<a href=\"%s?id=%s&delete=yes\" class='comcal'>(DELETE)</a><br>",
$PHP_SELF, $myrow["id"]);
}
}
?>
<p> <a href="<?php echo $PHP_SELF?>" class="comcal">ADD A RECORD</a>
<p> <form method="post" action="<?php echo $PHP_SELF?>">
<?php
if ($id) {
// editing so select a record
$sql = "SELECT * FROM ai_data WHERE id=$id";
$result = mysql_query($sql);
$myrow = mysql_fetch_array($result);
$id = $myrow["id"];
$section = $myrow["section"];
$subsection = $myrow["subsection"];
$heading = $myrow["heading"];
$title = addslashes($myrow["title"]);
$info = addslashes($myrow["info"]);
$entry = $myrow["entry"];
// print the id for editing
?>
<input type=hidden name="id" value="<?php echo $id ?>">
<?php
}
?>
</td>
<td align="left" valign="top">Section<font size="1"></font>:</td>
<td align="left" valign="top">
<input type="text" name="section" value="<?php echo $section ?>"
size="35" maxlength="100" <?php include('../../../scripts/forms.css'); ?>>
</td>
</tr>
<tr>
<td align="left" valign="top">Sub-Section: </td>
<td align="left" valign="top">
<input type="text" name="subsection" value="<?php echo $subsection
?>" size="35" maxlength="100" <?php include('../../../scripts/forms.css'); ?>>
</td>
</tr>
<tr>
<td align="left" valign="top">Heading Graphic: </td>
<td align="left" valign="top">
<input type="text" name="heading" value="<?php echo $heading ?>"
size="35" maxlength="255" <?php include('../../../scripts/forms.css'); ?>>
</td>
</tr>
<tr>
<td align="left" valign="top">Section Title: </td>
<td align="left" valign="top">
<input type="text" name="title" value="<?php echo $title ?>"
size="35" maxlength="255" <?php include('../../../scripts/forms.css'); ?>>
</td>
</tr>
<tr>
<td align="left" valign="top" colspan="2"> </td>
</tr>
<tr>
<td align="left" valign="top">Document Information: </td>
<td align="left" valign="top">
<textarea cols="35" name="info" rows="5" <?php
include('../../../scripts/forms.css'); ?>><?php echo $info ?></textarea>
</td>
</tr>
<tr>
<td align="left" valign="top"> </td>
<td align="left" valign="top"> </td>
</tr>
<tr>
<td align="left" valign="top">Event Entry: </td>
<td align="left" valign="top">
<?php echo $entry ?>
</td>
</tr>
<tr>
<td align="left" valign="top"> </td>
<td align="left" valign="top"> </td>
</tr>
<tr>
<td align="left" valign="top">
<input type="Submit" name="submit" value="Enter information"
border=0 alt="Enter Information" style="background-color: 000000;
font-size: 14; color: cccccc;">
</td>
<td align="left" valign="top"> </td>
</tr>
<tr>
<td align="left" valign="top"> </td>
<td align="left" valign="top"> </td>
</tr>
</table>
</form>
<?php
}
?>
--
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php
