?
Solved

Special Character Problem in Mysql database insert from form

Posted on 2011-03-25
16
Medium Priority
?
399 Views
Last Modified: 2012-05-11
I have a text box with this code:

<textarea name="link_rt" id="link_rt" rows="4" class="text-intput text-box" onKeyDown="limitText(this,140);" onKeyUp="limitText(this,140);"></textarea>

Open in new window


My Mysql insert code is:

$query = "INSERT INTO di_links (link_id, linkType, linkText) VALUES ('".$postId."','RT','".mysql_real_escape_string($link_rt)."')";

Open in new window


if a person types in a & or # the text gets cut off at that point when inserting into the database.  How can i have special characters into a database field?

0
Comment
Question by:jporter80
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 8
  • 3
  • 3
  • +1
16 Comments
 
LVL 34

Expert Comment

by:Beverley Portlock
ID: 35216376
Use htmlspecialchars( $link_rt, ENT_QUOTES )

See http://www.php.net/htmlspecialchars
0
 
LVL 34

Expert Comment

by:Beverley Portlock
ID: 35216406
Actually, on reflection a & or a # should not prevent the SQL statement from completing. Are you sure that the javascript limitText is not the culprit here?
0
 

Author Comment

by:jporter80
ID: 35216411
so would you do that in the variable declaration in my query page?

like:

$link_rt = htmlspecialchars( $_POST['link_rt'], ENT_QUOTES );
0
Get your Conversational Ransomware Defense e‑book

This e-book gives you an insight into the ransomware threat and reviews the fundamentals of top-notch ransomware preparedness and recovery. To help you protect yourself and your organization. The initial infection may be inevitable, so the best protection is to be fully prepared.

 

Author Comment

by:jporter80
ID: 35216418
no its not.. because its cutting off way before 140 character count.. and i have tested.
0
 
LVL 34

Expert Comment

by:Beverley Portlock
ID: 35216448
Try it and see - just like you typed, but I think the problem is elsewhere. Does anything else process $link_rt before it gets to the query?
0
 

Author Comment

by:jporter80
ID: 35216576
okay.. looks like # is going in just fine.. however & gets cut off
0
 
LVL 5

Expert Comment

by:tsmgeek
ID: 35217798
the data is going into the DB but when you view it again you need to use htmlspecialcharacters to display it, check the DB directly to see if its there correctly
0
 

Author Comment

by:jporter80
ID: 35217821
its not even getting in the database.. im finding out through searches that it has to do with $.ajax submitting the form feilds dynamically.. and its not escaping the ampersand... still trying to find out how to fix it because that is the only character that is having the problem right now.
0
 
LVL 5

Expert Comment

by:tsmgeek
ID: 35217940
if you are using jquery ajax with POST then you dont need to escape it, i never do on any code i have
0
 

Author Comment

by:jporter80
ID: 35218016
sorry im kind of new at this a bit.  Here is my Ajax code

submitHandler: function(form) {

			 var link_rt     = $('#link_rt').attr('value');
			 var link_ts     = $('#link_ts').attr('value');
			 
			 				
		$.ajax({		
						type: "POST",
						url: "/action/submit.php",
						data: { link_rt: link_rt, link_ts: link_ts },
						success: function(){
						$('form#submitForm').hide(function(){$('div.success').fadeIn();});
						document.getElementById("submitForm").reset();
						setTimeout($('form#submitForm').show(function(){$('div.success').fadeOut();}),4000);
						}
		});

Open in new window


here is my Php insert

$link_rt = urlencode($_POST['link_rt']);


$query = "INSERT INTO di_links (link_id, linkType, linkText) VALUES ('".$postId."','RT','".mysql_real_escape_string($link_rt)."')";

Open in new window


any idea what could be wrong with ampersand characters getting cut off from the ajax page to the php insert?
0
 
LVL 5

Expert Comment

by:tsmgeek
ID: 35218041
DONT do the urlencode before the insert into the DB
thats an output to html function
0
 

Author Comment

by:jporter80
ID: 35218073
okay.. but that is the only field... i have other fields with out the urlencode that ampersand is having trouble with.
0
 

Author Comment

by:jporter80
ID: 35218213
im wondering if i need to specify a dataType in the ajax info

not sure if it should be

dataType: "html",

or

dataType: "text",

any ideas?
0
 

Author Comment

by:jporter80
ID: 35218343
adding dataType: "text",

worked.. thanks for your help
0
 

Accepted Solution

by:
ee_auto earned 0 total points
ID: 36243470
Question PAQ'd and stored in the solution database.
0

Featured Post

WordPress Tutorial 1: Installation & Setup

WordPress is a very popular option for running your web site and can be used to get your content online quickly for the world to see. This guide will walk you through installing the WordPress server software and the initial setup process.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Recently I was talking with Tim Sharp, one of my colleagues from our Technical Account Manager team about MongoDB’s scalability. While doing some quick training with some of the Percona team, Tim brought something to my attention...
Your data is at risk. Probably more today that at any other time in history. There are simply more people with more access to the Web with bad intentions.
The viewer will learn how to look for a specific file type in a local or remote server directory using PHP.
The viewer will learn how to create a basic form using some HTML5 and PHP for later processing. Set up your basic HTML file. Open your form tag and set the method and action attributes.: (CODE) Set up your first few inputs one for the name and …

762 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question