Link to home
Start Free TrialLog in
Avatar of jporter80
jporter80Flag for United States of America

asked on

Special Character Problem in Mysql database insert from form

I have a text box with this code:

<textarea name="link_rt" id="link_rt" rows="4" class="text-intput text-box" onKeyDown="limitText(this,140);" onKeyUp="limitText(this,140);"></textarea>

Open in new window


My Mysql insert code is:

$query = "INSERT INTO di_links (link_id, linkType, linkText) VALUES ('".$postId."','RT','".mysql_real_escape_string($link_rt)."')";

Open in new window


if a person types in a & or # the text gets cut off at that point when inserting into the database.  How can i have special characters into a database field?

Avatar of Beverley Portlock
Beverley Portlock
Flag of United Kingdom of Great Britain and Northern Ireland image

Use htmlspecialchars( $link_rt, ENT_QUOTES )

See http://www.php.net/htmlspecialchars
Actually, on reflection a & or a # should not prevent the SQL statement from completing. Are you sure that the javascript limitText is not the culprit here?
Avatar of jporter80

ASKER

so would you do that in the variable declaration in my query page?

like:

$link_rt = htmlspecialchars( $_POST['link_rt'], ENT_QUOTES );
no its not.. because its cutting off way before 140 character count.. and i have tested.
Try it and see - just like you typed, but I think the problem is elsewhere. Does anything else process $link_rt before it gets to the query?
okay.. looks like # is going in just fine.. however & gets cut off
the data is going into the DB but when you view it again you need to use htmlspecialcharacters to display it, check the DB directly to see if its there correctly
its not even getting in the database.. im finding out through searches that it has to do with $.ajax submitting the form feilds dynamically.. and its not escaping the ampersand... still trying to find out how to fix it because that is the only character that is having the problem right now.
if you are using jquery ajax with POST then you dont need to escape it, i never do on any code i have
sorry im kind of new at this a bit.  Here is my Ajax code

submitHandler: function(form) {

			 var link_rt     = $('#link_rt').attr('value');
			 var link_ts     = $('#link_ts').attr('value');
			 
			 				
		$.ajax({		
						type: "POST",
						url: "/action/submit.php",
						data: { link_rt: link_rt, link_ts: link_ts },
						success: function(){
						$('form#submitForm').hide(function(){$('div.success').fadeIn();});
						document.getElementById("submitForm").reset();
						setTimeout($('form#submitForm').show(function(){$('div.success').fadeOut();}),4000);
						}
		});

Open in new window


here is my Php insert

$link_rt = urlencode($_POST['link_rt']);


$query = "INSERT INTO di_links (link_id, linkType, linkText) VALUES ('".$postId."','RT','".mysql_real_escape_string($link_rt)."')";

Open in new window


any idea what could be wrong with ampersand characters getting cut off from the ajax page to the php insert?
DONT do the urlencode before the insert into the DB
thats an output to html function
okay.. but that is the only field... i have other fields with out the urlencode that ampersand is having trouble with.
im wondering if i need to specify a dataType in the ajax info

not sure if it should be

dataType: "html",

or

dataType: "text",

any ideas?
adding dataType: "text",

worked.. thanks for your help
ASKER CERTIFIED SOLUTION
Avatar of ee_auto
ee_auto

Link to home
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
Start Free Trial