• Status: Solved
  • Priority: Medium
  • Security: Public
  • Views: 354
  • Last Modified:

PHP and Mysql !!

I got a problem with PHP and a HTTP request from a Delphiapplication to a MySql-Database.
PHP seem to excape some letters \'  and \"
here's what I sent with a Post command:
  'select [field] from [table] where [field] like "Aa%"';
it works from the commandprompt on Linux-MySQL.
But PHP escapes the " and % which means that MYSQL doesn't
understand it !!
- Can I pass the string to MySQL from PHP without theese
  escapecodes ??  or is there an other solution ??
0
Jeb
Asked:
Jeb
  • 3
  • 2
1 Solution
 
m4ioCommented:
MySQL likes commands within single quotes, this could be
the problem. If Delphi should expand "Aa%" into something
like "expanded_string" then single quotes work perfectly.

PHP uses $string instead of string% , but I guess this has
nothing to do with your problem ..

0
 
JebAuthor Commented:
that didn't answer my question !!

$Strings and String% is not my problem !!
$String is MySQL and "string%" is part of an SQL-quiery.
As you say MySQL should take escaped "  and ' but it doesn't seem to work.

0
 
m4ioCommented:
Quote from the mysql documentation :

SELECT * from banner where banner_group LIKE '%value%';

So string% should work, also when executed from a PHP
script. The actual problem might be somewhere else in your
script. Have you checked the result code when you execute the query ?

On the other hand, if you create a string in PHP like this :

$string = 'this is some text and "this is something else" ';
then the string really contains the double quotes before this
and after else. You might have to build a string using chr(34) codes for double quotes. I had to do this in many ASP scripts before I worked with PHP and also in PHP these codes are sometimes required. Variables within strings which are enclosed in single quotes, are not (!) replaced by their values.

So $string = 'hello $name'; will output hello $name if you print it and not hello <value of $name>.

Also check this value : (From the documentation of PHP)

magic_quotes_gpc boolean
Sets the magic_quotes state for GPC (Get/Post/Cookie) operations. When magic_quotes are on, all ' (single-quote), " (double quote), \ (backslash) and NUL's are escaped with a backslash automatically. If magic_quotes_sybase is also on, a single-quote is escaped with a single-quote instead of a backslash.


0
 
JebAuthor Commented:
Fine
  Magic_quotes was the answer !!


0
 
m4ioCommented:
To close the question here is the answer again :

Quote from the mysql documentation :

SELECT * from banner where banner_group LIKE '%value%';

So string% should work, also when executed from a PHP
script. The actual problem might be somewhere else in your
script. Have you checked the result code when you execute the query ?

On the other hand, if you create a string in PHP like this :

$string = 'this is some text and "this is something else" ';
then the string really contains the double quotes before this
and after else. You might have to build a string using chr(34) codes for double quotes. I had to do this in many ASP scripts before I worked with PHP and also in PHP these codes are sometimes required. Variables within strings which are enclosed in single quotes, are not (!) replaced by their values.

So $string = 'hello $name'; will output hello $name if you print it and not hello <value of $name>.

Also check this value : (From the documentation of PHP)

magic_quotes_gpc boolean
Sets the magic_quotes state for GPC (Get/Post/Cookie) operations. When magic_quotes are on, all ' (single-quote), " (double quote), \ (backslash) and NUL's are escaped with a backslash automatically. If magic_quotes_sybase is also on, a single-quote is escaped with a single-quote instead of a backslash.

0
Question has a verified solution.

Are you are experiencing a similar issue? Get a personalized answer when you ask a related question.

Have a better answer? Share it in a comment.

Join & Write a Comment

Featured Post

Free Tool: IP Lookup

Get more info about an IP address or domain name, such as organization, abuse contacts and geolocation.

One of a set of tools we are providing to everyone as a way of saying thank you for being a part of the community.

  • 3
  • 2
Tackle projects and never again get stuck behind a technical roadblock.
Join Now