SharkBait

This is the script that inserts the values into the database <?php if(isset($_POST['submit'])) { $errField = array(); foreach($_POST as $field => $value) { if($field != "submit" ) { switch ($field) { // any special dealings? case 'id': if(!isset($_GET['id'])) { // New entry skip id field } break; case 'reason': case 'summary': if(!empty($_POST[$field])) { $ECO[$field] = mysql_real_escape_string(trim($value)); } else { $errField[$field] = 1; } break; default: if(!empty($_POST[$field])) { $ECO[$field] = mysql_real_escape_string(trim($value)); } else { $errField[$field] = 1; } break; } } } // showPOST($ECO); // exit(); if(count($errField) > 0) { $errMsg = "<div class=\"error\">(". count($errField) .") Errors were found, please ensure all fields are filled out properly.</div><br />\n"; } else { // Submission sucessful - INSERT into DB if(isset($_GET['action']) && $_GET['action'] == "edit") { $str = "UPDATE main_eco_data SET id = '{$ECO['id']}', title = '{$ECO['title']}', reason = '{$ECO['reason']}', cost ='{$ECO['cost']}', ". "Expires_On='{$ECO['Expires_On']}', implimentation_date = '{$ECO['implimentation_date']}', summary = '{$ECO['summary']}', PartNumber = '{$ECO['partnumber']}', date_last_modified = NOW() WHERE id = '{$ID}'"; } else { $str = "INSERT INTO main_eco_data (id, title, originator, reason, cost, PartNumber, implimentation_date, summary) ". "VALUES (NULL, '{$ECO['title']}', '{$_SESSION['ecos']['username']}', '{$ECO['reason']}', '{$ECO['cost']}', '{$ECO[partnumber]}', '{$ECO['implimentation_date']}', '{$ECO['summary']}')"; } //echo "<p>{$str}</p>"; $qry = $MySQL->DoQuery($str, $DBLINK); header("Location: {$_SERVER['PHP_SELF']}"); exit(); } } ?>

Ok so.. perhaps I am confused about how to properly store a block of text in a database then. If someone fills out a textarea with multiple 'paragraphs' how should that value be stored in the database then so that when it's retrieved it can be properly displayed? If I view source for this thread there are <br /> between paragraphs. Are the <br /> stored in the database? What I want is if the user enters data into a textarea box with linebreaks/newlines whatever they are will be shown when the data is is retrieved back from the database properly. But at the same time I'd want the 'format' to be saved so that when it goes back into a textarea to be edited, the line breaks/new lines are correct too.

So \n should not be going into the database and perhaps they should be replaced with <br /> and then changed back to \n when going into a value for the <textarea> ?

This is what I get when I 'View Source' <p> From MySQL DB<br /> <textarea name="test" cols="50" rows="5">This is a fun thing to do, because \nif it didnt work then where would be be right?</textarea></p> <p>Hard Coded String<br /> <textarea name="test2" cols="50" rows="5">This is a fun thing to do, because if it didnt work then where would we be right?</textarea></p> <table> <tr> <th>From MySQL DB</th> </tr><tr> <td>This is a fun thing to do, because \nif it didnt work then where would be be right?</td> </tr> </table> <br /> <table> <tr> <th>Hard Coded String</th> </tr><tr> <td>This is a fun thing to do, because <br /> if it didnt work then where would we be right?</td> </tr> </table>

When I strip slashes it removes the slash so just the n shows up. When I manually run the query in MySQL via the shell this is the output mysql> select * FROM test; +----+-------------------------------------------------------------------------------------+ | id | value | +----+-------------------------------------------------------------------------------------+ | 1 | This is a fun thing to do, because \nif it didnt work then where would be be right? | +----+-------------------------------------------------------------------------------------+ 1 row in set (0.00 sec) So there is no crazy escapes or anything funky happening, or at least I can see.

Ok I am still trying to figure this out (http://www.phpfreaks.com/forums/index.php/topic,232747.0.html) and let's see if I can better explain what is going on. When I read in a field from a MySQL database that contains \n characters <textarea> or nl2br() does not work on it properly. If the string is hard coded into the script (not coming from a database) it works as expected. This is my test code: <?php $str = "SELECT * FROM test LIMIT 1"; $qry = $MySQL->DoQuery($str, $DBLINK); $r = $MySQL->FetchArray($qry); $line2 = "This is a fun thing to do, because \nif it didnt work then where would we be right?"; $line = $r['value']; // this is EXACTLY same string as $line2 but just in the table instead ?> <p> From MySQL DB<br /> <textarea name="test" cols="50" rows="5"><?php echo $line;?></textarea></p> <p>Hard Coded String<br /> <textarea name="test2" cols="50" rows="5"><?php echo $line2;?></textarea></p> <table> <tr> <th>From MySQL DB</th> </tr><tr> <td><?php echo nl2br($line);?></td> </tr> </table> <br /> <table> <tr> <th>Hard Coded String</th> </tr><tr> <td><?php echo nl2br($line2);?></td> </tr> </table> <?php The MySQL class is nothing more than mysql_query and mysql_fetch_array just simplified a bit more so I don't have to type in things like MYSQL_ASSOC etc. I have even replaced the MySQL class I wrote with php's mysql_query and mysql_fetch_array to ensure my class wasn't doing anything funny. Anything to do with Magic Quotes is turned off. What is happening to the data when it's read in from a database? Why doesn't nl2br() recognize the \n character? Why does the \n show up in the <textbox> when it technically shouldn't ?

Hrmm still trying to figure this one out.

insert code <?php if(isset($_POST['submit'])) { $errField = array(); foreach($_POST as $field => $value) { if($field != "submit" ) { switch ($field) { // any special dealings? case 'id': if(!isset($_GET['id'])) { // New entry skip id field } break; case 'reason': case 'summary': if(!empty($_POST[$field])) { $ECO[$field] = mysql_real_escape_string(trim($value)); } else { $errField[$field] = 1; } break; default: if(!empty($_POST[$field])) { $ECO[$field] = mysql_real_escape_string(trim($value)); } else { $errField[$field] = 1; } break; } } } // showPOST($ECO); // exit(); if(count($errField) > 0) { $errMsg = "<div class=\"error\">(". count($errField) .") Errors were found, please ensure all fields are filled out properly.</div><br />\n"; } else { // Submission sucessful - INSERT into DB if(isset($_GET['action']) && $_GET['action'] == "edit") { $str = "UPDATE main_eco_data SET id = '{$ECO['id']}', title = '{$ECO['title']}', reason = '{$ECO['reason']}', cost ='{$ECO['cost']}', ". "Expires_On='{$ECO['Expires_On']}', implimentation_date = '{$ECO['implimentation_date']}', summary = '{$ECO['summary']}', PartNumber = '{$ECO['partnumber']}', date_last_modified = NOW() WHERE id = '{$ID}'"; } else { $str = "INSERT INTO main_eco_data (id, title, originator, reason, cost, PartNumber, implimentation_date, summary) ". "VALUES (NULL, '{$ECO['title']}', '{$_SESSION['ecos']['username']}', '{$ECO['reason']}', '{$ECO['cost']}', '{$ECO[partnumber]}', '{$ECO['implimentation_date']}', '{$ECO['summary']}')"; } //echo "<p>{$str}</p>"; $qry = $MySQL->DoQuery($str, $DBLINK); header("Location: {$_SERVER['PHP_SELF']}"); exit(); } } ?> My custom MySQL class <?php class MySQL { var $link; var $query; var $num; var $results = array(); function MySQL($host, $username, $password, $database) { $this->host = $host; $this->username = $username; $this->password = $password; $this->database = $database; } function Connect() { // Connect to MYSQL DB with defined settings from config.php $this->link = mysql_connect($this->host, $this->username, $this->password, true) or die("MySQL Cannot Connect: ". mysql_error()); // Select database to work with mysql_select_db($this->database, $this->link) or die("MySQL Cannot Select {$this->database}: <br />". mysql_error()); // Return the link to be used later return $this->link; } function Disconnect($link) { // Close an active MySQL Connection $this->link = $link; mysql_close($this->link); } function DoQuery($query, $link) { // Basic Query Execution $this->query = $query; $this->link = $link; //echo "LINK: {$this->link}<br />"; $this->query = mysql_query($this->query, $this->link) or die("<strong>MySQL DoQuery Error:</strong><span style=\"color: #f00;\"> <br />{$query} <br />". mysql_error($this->link). "</span>"); return $this->query; } function FetchArray($query) { // Retrieve results of DoQuery $this->results = mysql_fetch_array($query, MYSQL_ASSOC); return $this->results; } function NumRows($query) { // get Number of results $this->num = mysql_num_rows($query); return $this->num; } } ?>

So in the above code $result['reason'] would be where the \n are and the nl2br() is not doing its job

Here is the script that just shows the row the user has specified: <?php $ID = $_GET['id']; $str = "SELECT * FROM main_eco_data WHERE id = '{$ID}'"; $qry = $MySQL->DoQuery($str, $DBLINK); $results = $MySQL->FetchArray($qry); ?> <div style="line-height: 25px;"> <a href="javascript:history.back(-1)">Go Back</a><br /> ECO #: <?php echo $results['id'];?><br /> Title: <?php echo $results['title'];?><br /> Reason: <?php echo nl2br($results['reason']);?><br /> Originiator: <?php echo $results['originator'];?><br /> Cost: <?php echo $results['cost'];?><br /> Implimentation Date: <?php echo date('M d, Y', strtotime($results['implimentation_date']));?><br /> <br /> Summary:<br /> <?php echo $results['summary'];?> </div> $MySQL is a custom class I created that doesn't do any fancy formatting, just made it easier for me to not have to type out the function names all the time

I just find it odd that nl2br() won't add the <br /> from the information coming from the database.... none of the \n are double escaped in the raw data when I look at the row via MySQL on the command line.

magic_quotes_sybase = Off

Nothing is using addslashes()

The database does not have any extra slashes added. We have Part Numbers...We should use them!\n\nThis will be of great assistance during inventory times, as well as avoiding any confusion caused by referring to items by their model name.

magic_quotes_gpc = Off magic_quotes_runtime = Off

I've been using mysql_real_escape_string(trim($value)) when inserting into the database. I just tried it sans the DB and it works as expected. Why is this happening all the sudden with mysql_real_escape_string() where I don't think it has ever done that before?

Ok this has me stumped and I am sure someone can help me out When someone uses a textarea to insert multiple lined input it gets store into the database and has the \n added to where the new lines are to occur. When i read in the information from the database I use nl2br() but it doesn't seem to be adding the <br /> where the \n are but just displays the \n. Why is this? Am I missing something?? It's got me stumped on one of my projects and I don't know why this is happening. If the user hits enter/return multiple times in the textarea it just stores the \n\n etc but when I pull from the database and use nl2br() it just displays the \n\n. Example: <?php $value = "this is fun\n\n right? \n\n woo fun times ahead!"; ?> What I wrote: <?php echo nl2br($value);?> I leave the \n in the table's value because it can be read back into a textarea to be edited again by the user at a later time. I also noticed when I read it back into a textarea it shows up as \n and does not perform the actual line break.

Oh wait lol I am forgot that the mail class I created does it so I can see the headers, email address properly. Thanks! lol

It seems that PHP is automatically creating the specialhtmlentities characters for things like < or > or " etc. What do i need to turn off so it stops doing that automatically? Or is it a function i need at the top of my scripts? for some reason I cant think of why this is happening

My SELECT or DELETE returns 0 results. I have a main table that has 2 related tables. The 2 related tables might or might not have values associated to a row in the main table. If both tables have rows that match the main table, then I think it works. But if 1 of the sub tables only has a value associated to it then it returns 0. I want to be able to delete the main table row where ID matches 42 and then any row in either table which might make reference to the main table with a sub ID of 42.

I'm trying to get a SELECT statement working so that I can use it for a DELETE. Though if it's easier I am trying to DELETE rows from 3 tables that reference each other. Table1.id = Table2.sub_id = Table3.sub_id id to delete = 42 DELETE T1, T2, T3 FROM Table1 AS T1 LEFT JOIN Table2 AS T2 ON (T1.id = T2.sub_id) LEFT JOIN Table3 AS T3 ON (T1.id = T3.sub_id) WHERE T1.id = 42 The thing is, there can be rows matching Table1 in Table2 or not. Same goes with Table1 and Table3. Though I am thinking it has to do with my 2 LEFT JOINs. Example T1.id = 42 T2.sub_id = NULL T3.sub_id = 42 or T1.id = 42 T2.sub_id = 42 T3.sub_id = NULL or T1.id = 42 T2.sub_id = 42 T3.sub_id = 42 So 2 tables link back to a main table. Hopefully this makes some sense. I'd rather not do separate delete statements [/code]

I found it easier to export your posts etc in XML formatted to Wordpress' liking and import it via the admin panel. If you don't have a full understanding of how the schema works for WordPress it will botch pretty good. Importing via XML format will ensure posts/comments etc are still linked properly together

Thanks for the help! Much appreciated

Ah cool that works nicely. So let me see if I can explain it in english as to what the regex does so i can understand what it does. ?=\s+ if after a comma and whitespace [\w\d-] can be word, numbers or hyphens {3} 3 or above characters [code] right? [/code]

weird so it removes the comma from in front of N-Female but leaves it in for the Nevada, MO ??