Want to protect your cyber security and still get fast solutions? Ask a secure question today.Go Premium

x
  • Status: Solved
  • Priority: Medium
  • Security: Public
  • Views: 237
  • Last Modified:

email Storage Issues in Mysql database

My Email is storing in database as:

<p><a class="mediumimage " href="http://www.website.com/cw4/admin/js/tinyMCE/UserFiles/Images/aliciasilverstone01_1024x768.jpg" target="_blank"><img src="http://www.website.com/cw4/admin/js/tinyMCE/UserFiles/_middle/Images/aliciasilverstone01_1024x768.jpg" alt="" /></a></p>
<p> </p>
<table style="width: 730px; height: 66px;" border="0">
<tbody>
<tr>
<td>Welcome</td>
<td>Jungle</td>
</tr>
<tr>
<td>Dirty</td>
<td>Stars</td>
</tr>
</tbody>
</table>

Open in new window


when email is sent, no matter if its type is HTML, it shows HTML tags there, i am missing something on mysql part i think, anyone can throw some light here

table column Message collation is: utf8_unicode_ci

Table Dump

CREATE TABLE IF NOT EXISTS `mailinglist_messages` (
  `MessageID` bigint(255) unsigned NOT NULL AUTO_INCREMENT,
  `Message` longtext COLLATE utf8_unicode_ci,
  `SentToGroup` varchar(255) COLLATE utf8_unicode_ci DEFAULT NULL,
  `SentOn` datetime DEFAULT NULL,
  `SentBy` varchar(150) COLLATE utf8_unicode_ci DEFAULT NULL,
  `InstanceName` varchar(100) COLLATE utf8_unicode_ci DEFAULT NULL,
  PRIMARY KEY (`MessageID`)
) ENGINE=InnoDB  DEFAULT CHARSET=utf8 COLLATE=utf8_unicode_ci AUTO_INCREMENT=2 ;

Open in new window

0
Gurpreet Singh Randhawa
Asked:
Gurpreet Singh Randhawa
4 Solutions
 
arnoldCommented:
It is unwise as you see to store email directly into a database.  An alternative might be to parse and extract/strip HTML storing only data.
It is best to store emails within the filesystem

Do you parse email?
0
 
Tomas Helgi JohannssonCommented:
Hi!

You might want to store the email-message as LONGBLOB instead of LONGTEXT.
By doing that you are storing the message "as is" and will get it back exactly as you stored it.

Regards,
    Tomas Helgi
0
 
Steve BinkCommented:
arnold is right - storing this type of data in a database field is inefficient, at best.  The file system is a much better alternative, with just a pointer to the file in the database.

As far as the formatting, there is something else in your code escaping the content before its insertion into the database.  MySQL does no translation like that.
0
Nothing ever in the clear!

This technical paper will help you implement VMware’s VM encryption as well as implement Veeam encryption which together will achieve the nothing ever in the clear goal. If a bad guy steals VMs, backups or traffic they get nothing.

 
arnoldCommented:
Mysql_real_escape_string this is the php code that should be used to avoid sql injection issues with data from forms/external sources.
Not sure what process the incomng emails
0
 
Gurpreet Singh RandhawaWeb DeveloperAuthor Commented:
Thanks for theupdate guys, but nothing worked, i actually had to convert the htmlenteties to html through cffunction and it stored the details in the db without any issue, something else might have been causing an issue
0
 
Gurpreet Singh RandhawaWeb DeveloperAuthor Commented:
Thanks
0

Featured Post

Visualize your virtual and backup environments

Create well-organized and polished visualizations of your virtual and backup environments when planning VMware vSphere, Microsoft Hyper-V or Veeam deployments. It helps you to gain better visibility and valuable business insights.

Tackle projects and never again get stuck behind a technical roadblock.
Join Now