Want to protect your cyber security and still get fast solutions? Ask a secure question today.Go Premium

x
  • Status: Solved
  • Priority: Medium
  • Security: Public
  • Views: 1222
  • Last Modified:

PHP escape chars and ereg replace

I have a little problem which has been driving me insane for about an hour.
I am developing a message board / forum much like this. It has smilies a admin user can add and edit smilies fine. The problem comes when posting users click on the smilie they desire and a little bit of text goes into the post box.
Later on the code below is ran and the text e.g :) is replaced with an image.
Well thats the plan.
but i get this nice error
Warning: ereg_replace(): REG_EMPTY:Hempty (sub)expression in C:\Webspace\s2ointernal\Development\cmsdev.s2o.co.uk\www\posts.php on line 144
 
O.k I think check the code make sure the brackets are all o.k.
check, they are.
I then relise that the ) that has been grabbed from the database in order to search for the smilie characters which will then be replaced is closing the ereg_replace early or at least thats that I think
I tried to replace it with no avail. Any ideas will be great.
                        
$query2="SELECT * FROM smilies";//table which holds the image and replace text
$result2=odbc_exec($handle,$query2);//run it
$postData=$_POST['postdata'];//the post data
$i=0;
while(odbc_fetch_row($result2))//go through each enty
{
$string=ereg_replace("/)","//)", odbc_result($result2,"replace"));//try to replace the ) in the replace text
      echo $string;//echo it out error here
$postData=ereg_replace($string,"<img src=" . ereg_replace(" ","%20",odbc_result($result2,"image")) . ">",$postData);//replace the image
                                                
}
0
rhousham2
Asked:
rhousham2
  • 3
1 Solution
 
skullnobrainsCommented:
dunno much about ereg_replace errors as i make little use of it but str_replace is much easier to handle and should solve your problem.
if what you replace the :) by is an image you just can't use any of them. in this case try to either use php to directly output the image to the browser or use the classical html tag (<img...)
if not, could u tell what u want it to be replaced by ??
0
 
AndyCommented:
Are you sure that the correct text is being returned form the DB? When putting text into a DB you should escape any reserved characters first. You can use addslashes() to this this and then when you pull the data out of the DB use stripslashes() to remove the escaping slashes.
0
 
rhousham2Author Commented:
O.k the skullnobrains guy is right your str_replace thing worked! . The point will be yours shortly cheers. To Reapz the addslashes() function only adds / before and ' or " so the ) will not have been escaped nor should it be, should it?. Not too sure there. Cheers for telling me about the addslashes and remove slashes though cos previously i've been using ereg_replace and then replaceing the " and ' with &nb34; or &nb39 or somethin like that.
but cheers to the first guy the points r yours
0
 
skullnobrainsCommented:
cool if u managed
if u run through any more probs, i guess u will post it down here.
if needed i just don't care thatmuch about points so you may post here.
0
 
skullnobrainsCommented:
sorry, was tired yesterday so i didn't really get this was a question.

<< so the ) will not have been escaped nor should it be, should it?. Not too sure there. Cheers for telling me about the addslashes and remove slashes though cos previously i've been using ereg_replace and then replaceing the " and ' with &nb34; or &nb39 or somethin like that. >>

addslashes (and the reverse function stripslashes) only affect the quotes, double-quotes, anti-slashes and null characters. it is expressly designed to escape strings for a SGBD input (ie requests on any BDD) and should be used for user text inputToBdd ie forums for example.

for more info, type addslashes in google, as almost any php function, the first choice will be one of the php manuals at the correct page. you definitely MUST have a copy of that manual if u don't usually work online. it is valuable, contains lots of hints and tricks as well as some usual errors and/or mistakes. briefly it is excellent in every way and php is the sole language in this case !

gluck;
:)
0

Featured Post

Become an Android App Developer

Ready to kick start your career in 2018? Learn how to build an Android app in January’s Course of the Month and open the door to new opportunities.

  • 3
Tackle projects and never again get stuck behind a technical roadblock.
Join Now