Board index   FAQ   Search  
Register  Login
Board index php forum :: Database mySQL & php coding

Form and MySQL problem. No, not register_globals-related :)

Codes here !

Moderators: macek, egami, gesf

Form and MySQL problem. No, not register_globals-related :)

Postby jetthe » Sun Mar 02, 2003 8:25 am

I'm experiencing an strange problem in my newly created (15min-hack) "forum". It simply refused to insert some posts into the database. The snippet that inserts the code it simplest ever:

Code: Select all
if($do_post)
        {
        mysql_query("INSERT INTO forum (name,contents,user,mid) VALUES ('$p_name','$p_contents','$p_user','$p_mid')");
      header("Location: $PHP_SELF");
        }



and it works really great in most cases, I honestly don't have a clue why it refused to work with some posts. Check it out on:
http://www.clan-elite.dot.nu/


if you need more info, please say so =)

thnx in advance,
jetthe
New php-forum User
New php-forum User
 
Posts: 3
Joined: Sun Mar 02, 2003 8:15 am

Postby *JaH* » Sun Mar 02, 2003 11:24 pm

you can't insert every kind of character :) Some chars you have to escape before inserting into yur database :)
*JaH*
New php-forum User
New php-forum User
 
Posts: 80
Joined: Fri Jan 31, 2003 4:18 pm

Postby Oleg Butuzov » Sun Mar 02, 2003 11:30 pm

little corections... can you tell us what do get when run thi script?

Code: Select all
if(isset($do_post))
        {
        mysql_query("INSERT INTO forum (name,contents,user,mid) VALUES ('$p_name','$p_contents','$p_user','$p_mid')") or die(mysql_error());
      header("Location: $PHP_SELF");
        }
Oleg Butuzov
Last Samuray
Last Samuray
 
Posts: 831
Joined: Sun Jun 02, 2002 3:09 am

Postby jetthe » Mon Mar 03, 2003 6:06 am

Ah, thanks for opening my eyes, apparently i missed the all-too-known: mysql_escape_string(htmlspecialchars(stripslashes($querydata)));

for application on my posted data, now it works like a charm and surely is secure and all =)
Thanks again,
jetthe
New php-forum User
New php-forum User
 
Posts: 3
Joined: Sun Mar 02, 2003 8:15 am


Return to mySQL & php coding

Who is online

Users browsing this forum: No registered users and 2 guests

Sponsored by Sitebuilder Web hosting and Traduzioni Italiano Rumeno and antispam for cPanel.