We help IT Professionals succeed at work.

Check out our new AWS podcast with Certified Expert, Phil Phillips! Listen to "How to Execute a Seamless AWS Migration" on EE or on your favorite podcast platform. Listen Now

x

PHP escape chars and ereg replace

rhousham2
rhousham2 asked
on
Medium Priority
1,248 Views
Last Modified: 2013-12-12
I have a little problem which has been driving me insane for about an hour.
I am developing a message board / forum much like this. It has smilies a admin user can add and edit smilies fine. The problem comes when posting users click on the smilie they desire and a little bit of text goes into the post box.
Later on the code below is ran and the text e.g :) is replaced with an image.
Well thats the plan.
but i get this nice error
Warning: ereg_replace(): REG_EMPTY:Hempty (sub)expression in C:\Webspace\s2ointernal\Development\cmsdev.s2o.co.uk\www\posts.php on line 144
 
O.k I think check the code make sure the brackets are all o.k.
check, they are.
I then relise that the ) that has been grabbed from the database in order to search for the smilie characters which will then be replaced is closing the ereg_replace early or at least thats that I think
I tried to replace it with no avail. Any ideas will be great.
                        
$query2="SELECT * FROM smilies";//table which holds the image and replace text
$result2=odbc_exec($handle,$query2);//run it
$postData=$_POST['postdata'];//the post data
$i=0;
while(odbc_fetch_row($result2))//go through each enty
{
$string=ereg_replace("/)","//)", odbc_result($result2,"replace"));//try to replace the ) in the replace text
      echo $string;//echo it out error here
$postData=ereg_replace($string,"<img src=" . ereg_replace(" ","%20",odbc_result($result2,"image")) . ">",$postData);//replace the image
                                                
}
Comment
Watch Question

CERTIFIED EXPERT
Commented:
Unlock this solution with a free trial preview.
(No credit card required)
Get Preview

Commented:
Are you sure that the correct text is being returned form the DB? When putting text into a DB you should escape any reserved characters first. You can use addslashes() to this this and then when you pull the data out of the DB use stripslashes() to remove the escaping slashes.

Author

Commented:
O.k the skullnobrains guy is right your str_replace thing worked! . The point will be yours shortly cheers. To Reapz the addslashes() function only adds / before and ' or " so the ) will not have been escaped nor should it be, should it?. Not too sure there. Cheers for telling me about the addslashes and remove slashes though cos previously i've been using ereg_replace and then replaceing the " and ' with &nb34; or &nb39 or somethin like that.
but cheers to the first guy the points r yours
CERTIFIED EXPERT

Commented:
cool if u managed
if u run through any more probs, i guess u will post it down here.
if needed i just don't care thatmuch about points so you may post here.
CERTIFIED EXPERT

Commented:
sorry, was tired yesterday so i didn't really get this was a question.

<< so the ) will not have been escaped nor should it be, should it?. Not too sure there. Cheers for telling me about the addslashes and remove slashes though cos previously i've been using ereg_replace and then replaceing the " and ' with &nb34; or &nb39 or somethin like that. >>

addslashes (and the reverse function stripslashes) only affect the quotes, double-quotes, anti-slashes and null characters. it is expressly designed to escape strings for a SGBD input (ie requests on any BDD) and should be used for user text inputToBdd ie forums for example.

for more info, type addslashes in google, as almost any php function, the first choice will be one of the php manuals at the correct page. you definitely MUST have a copy of that manual if u don't usually work online. it is valuable, contains lots of hints and tricks as well as some usual errors and/or mistakes. briefly it is excellent in every way and php is the sole language in this case !

gluck;
:)
Unlock the solution to this question.
Thanks for using Experts Exchange.

Please provide your email to receive a free trial preview!

*This site is protected by reCAPTCHA and the Google Privacy Policy and Terms of Service apply.

OR

Please enter a first name

Please enter a last name

8+ characters (letters, numbers, and a symbol)

By clicking, you agree to the Terms of Use and Privacy Policy.