Avatar of ChipmunkRumbleStud
ChipmunkRumbleStud
 asked on

Mysql is corrupting stringified JSON object

I'm sending a stringified JSON object into a mysql database via AJAX for later retrieval. When the value is recalled from the database and I attempt to parse it into an object with JSON.parse() I get an 'Uncaught Syntax error Uncaught Value \'.

I can stringify and parse the object just fine before it hits the mysql table.

I've tried many combinations of mysql_real_escape_string() and stripslashes() in php before and after the string hits the database, and I just tried it with magic_quotes_gpc on. The data is POSTed to the server in AJAX with a FormData object.

Can't seem to get this one right. Any hints?
PHPMySQL ServerApache Web Server

Avatar of undefined
Last Comment
Ray Paseur

8/22/2022 - Mon
Gary

Can you post a sample of the data?
hielo

>>I just tried it with magic_quotes_gpc on
You need to turn this feature off. If you turn it on, then auto-escaping will take place.

Also, look into the runtime setting.  Try the following settings in your php.ini file:
magic_quotes_gpc = Off
magic_quotes_runtime = Off
ChipmunkRumbleStud

ASKER
pc1 = new webkitRTCPeerConnection(getServerOptionsFromUsername("countdracula"));
pc1.createOffer(placeCall, onError);

function placeCall(description){
      offer =  description;
      console.log(offer);
      var offer_string = JSON.stringify(offer);
      console.log(offer_string);
      var offer_parsed = JSON.parse(offer_string);
      console.log(offer_parsed);
      var recipient_info = new FormData();
    recipient_info.append('recip_un', 'sean');
    recipient_info.append('recip_id', '4');
    recipient_info.append('desc', offer_string);
       $.ajax({
              type:'POST',
              url:'place_call.php',
              data:recipient_info,
              processData: false,
              contentType:false,
              dataType:'xml',
              beforeSend: function(){
                  //do nothing since this is  polling request
              },
              success:function(xml){
                         //celebrate
              }
          }).done(function(data){
              console.log(data);
          });
}



function getIncomingCalls(){
    var inc_calls = new FormData();
    inc_calls.append('get_calls', 'incoming');
    $.ajax({
        type:'POST',
        url:'inc_calls.php',
        data:inc_calls,
        processData: false,
        contentType:false,
        dataType:'xml',
        beforeSend: function(){
              console.log('getting incoming calls');
        },
        success:function(xml){
            console.log(xml);
            $(xml).find('response').each(function(){
                //console.log($(this).text());
                $(this).find('call').each(function(){
                    un = $(this).find('username').text();
                    desc = $(this).find('desc').text();
                    console.log(un);
                    var parsed_desc = JSON.parse(desc);
                    console.log(parsed_desc.type);
                });
               
            });
        }
    }).done(function(data){
        console.log(data);
    });
}

before ajax in placeCall the console shows this

{"sdp":"v=0\r\no=- 7510117493362326927 2 IN IP4 127.0.0.1\r\ns=-\r\nt=0 0\r\na=group:BUNDLE audio\r\na=msid-semantic: WMS\r\nm=audio 1 RTP/SAVPF 111 103 104 0 8 106 105 13 126\r\nc=IN IP4 0.0.0.0\r\na=rtcp:1 IN IP4 0.0.0.0\r\na=ice-ufrag:d+0AR3QbgCGcKQqO\r\na=ice-pwd:qJFdecR+jczOYmVOHhx150kK\r\na=ice-options:google-ice\r\na=fingerprint:sha-256 F2:7E:16:1C:0E:44:DD:43:49:15:33:7C:B7:34:78:20:91:A0:66:23:56:A0:4C:A4:D3:92:36:E8:23:19:53:47\r\na=setup:actpass\r\na=mid:audio\r\na=extmap:1 urn:ietf:params:rtp-hdrext:ssrc-audio-level\r\na=recvonly\r\na=rtcp-mux\r\na=crypto:0 AES_CM_128_HMAC_SHA1_32 inline:4tY/7/z8txBEfT/BnCeZBKYQmOhHhMhG5cfcH7yY\r\na=crypto:1 AES_CM_128_HMAC_SHA1_80 inline:ykrj0rZXW7HemoiTUVUZwTjIwfP5c+GZyEn3HlTN\r\na=rtpmap:111 opus/48000/2\r\na=fmtp:111 minptime=10\r\na=rtpmap:103 ISAC/16000\r\na=rtpmap:104 ISAC/32000\r\na=rtpmap:0 PCMU/8000\r\na=rtpmap:8 PCMA/8000\r\na=rtpmap:106 CN/32000\r\na=rtpmap:105 CN/16000\r\na=rtpmap:13 CN/8000\r\na=rtpmap:126 telephone-event/8000\r\na=maxptime:60\r\n","type":"offer"}

and in console.log(xml) from getIncomingCalls it shows as this

"{\"sdp\":\"v=0
o=- 4667395453237381342 2 IN IP4 127.0.0.1
s=-
t=0 0
a=group:BUNDLE audio
a=msid-semantic: WMS
m=audio 1 RTP/SAVPF 111 103 104 0 8 106 105 13 126
c=IN IP4 0.0.0.0
a=rtcp:1 IN IP4 0.0.0.0
a=ice-ufrag:uAYT/xsBEaJHaGKB
a=ice-pwd:+S5kfDjI6CL1CR1c0SqKcwt/
a=ice-options:google-ice
a=fingerprint:sha-256 F2:7E:16:1C:0E:44:DD:43:49:15:33:7C:B7:34:78:20:91:A0:66:23:56:A0:4C:A4:D3:92:36:E8:23:19:53:47
a=setup:actpass
a=mid:audio
a=extmap:1 urn:ietf:params:rtp-hdrext:ssrc-audio-level
a=recvonly
a=rtcp-mux
a=crypto:0 AES_CM_128_HMAC_SHA1_32 inline:x+Q1LIZ0rt6DmjxOEDKJ8XJ7B7SHK7pjnPQtqlAY
a=crypto:1 AES_CM_128_HMAC_SHA1_80 inline:uowrkoPibrrtRrPu7QsdrAItk0I0YYRQHnFLEnL8
a=rtpmap:111 opus/48000/2
a=fmtp:111 minptime=10
a=rtpmap:103 ISAC/16000
a=rtpmap:104 ISAC/32000
a=rtpmap:0 PCMU/8000
a=rtpmap:8 PCMA/8000
a=rtpmap:106 CN/32000
a=rtpmap:105 CN/16000
a=rtpmap:13 CN/8000
a=rtpmap:126 telephone-event/8000
a=maxptime:60
\",\"type\":\"offer\"}"

so it seems like its just those slashes, but its not. when I put stripslashes() around the inc_calls.php response, i still get a token error.

All the above data is done with mgicquotes_gpc On, magicquotes_runtime On, not using mysql_real_escape or strip_slashes anywhere
Experts Exchange is like having an extremely knowledgeable team sitting and waiting for your call. Couldn't do my job half as well as I do without it!
James Murphy
Dave Baldwin

It seems obvious that in your console.log(xml), the '\r\n' is being shown as Cr/Lf which is what the '\r\n' stands for.  That's pretty much exactly what happens when you run it thru javascript or PHP, the escaped '\r\n' gets converted.  As for the remaining '\' characters, it looks like you have a mismatch between escaping and un-escaping.
ChipmunkRumbleStud

ASKER
I just tried it with magic quotes runtime off, and gpc. the whole stringified object is wrapped in double quotes in the xml, whereas the username is not
ChipmunkRumbleStud

ASKER
That's pretty much exactly what happens when you run it thru javascript or PHP, the escaped '\r\n' gets converted.  As for the remaining '\' characters, it looks like you have a mismatch between escaping and un-escaping.

So the carriage returns are part of the problem?
Get an unlimited membership to EE for less than $4 a week.
Unlimited question asking, solutions, articles and more.
Dave Baldwin

I don't think they are part of the problem but they partly explain why the display is different.  I hope you're using 'new' data for each test.  Sometimes when you get the escapes out of order, it is difficult to get it to display right with all those functions you've using.  They never seem to cancel each other out right to get the results you need.
ASKER CERTIFIED SOLUTION
Ray Paseur

Log in or sign up to see answer
Become an EE member today7-DAY FREE TRIAL
Members can start a 7-Day Free trial then enjoy unlimited access to the platform
Sign up - Free for 7 days
or
Learn why we charge membership fees
We get it - no one likes a content blocker. Take one extra minute and find out why we block content.
Not exactly the question you had in mind?
Sign up for an EE membership and get your own personalized solution. With an EE membership, you can ask unlimited troubleshooting, research, or opinion questions.
ask a question
SOLUTION
Log in to continue reading
Log In
Sign up - Free for 7 days
Get an unlimited membership to EE for less than $4 a week.
Unlimited question asking, solutions, articles and more.
SOLUTION
Log in to continue reading
Log In
Sign up - Free for 7 days
Get an unlimited membership to EE for less than $4 a week.
Unlimited question asking, solutions, articles and more.