djfox Posted May 5, 2008 Share Posted May 5, 2008 profile_pets.php: <?php //Date: August 30 2007 //For: secrettrance.net //Description: Manage Pets include("dbcon.php"); include("func.php"); require_once "design.php"; require_once "auth.php"; $id = $_SESSION['gal']; $Title = "Secret Trance: Manage Profile: Manage Pets"; require_once "header.php"; require_once "hidestatus.php"; session_start(); if (!isLoggedIn()) { Redirect("index.php"); } ?> <script language="JavaScript" type="text/javascript" src="wysiwyg.js"> </script> <p> <table border=0 width=100% bgcolor="000000"><? //2 ?> <tr> <td background="<? echo "$boxbanner"; ?>"><b>Manage Profile: Manage Pets</b> <tr> <td background="<? echo "$boxback"; ?>"> <?php if( $lev > 0){ if( $suspend < 1){ ?> <?php //get the info $res = mysql_query("SELECT id, pet_s FROM userdata WHERE id='$id'"); $rows = mysql_fetch_row($res); mysql_free_result($res); ?> <form enctype="multipart/form-data" action="profile_pets2.php" method="post"> <input type="hidden" name="id" value="<? echo "$id" ?>"> <b>Pets:</b> (Virtual pets gained from other sites.) <br><textarea id="t" rows="8" cols="80" name="text" style="border: 0px; background-color:#000000; color: #B6ABCE;" onKeyUp="return autoTab(this, 200, event);"><? echo "$rows[1]" ?></textarea> <script language="javascript1.2"> generate_wysiwyg('t'); </script> <p> <input type="image" src="<? echo $butupdate ?>" name="submit"> </form> <?php } else { if( $suspend > 0){ echo "Sorry, your account is on suspension. You must wait until suspension expires before you can access this."; } } } ?> </table><? //2 ?> <p> <? require("footer.php"); ?> profile_pets2.php: <?php //Date: August 30 2007 //For: www.secrettrance.net //Description: Manage Pets include("dbcon.php"); include("func.php"); require_once "design.php"; require_once "auth.php"; $Title = "Secret Trance: Manage Profile"; require_once "header.php"; require_once "hidestatus.php"; session_start(); if (!isLoggedIn()) { Redirect("index.php"); } if ($lev >0 ){ $text = $_POST['text']; $id = $_POST['id']; mysql_query("UPDATE userdata SET pet_s='$text' WHERE id='$id'"); mysql_close($con); //redirect header("Location: manageprofile.php"); } else { header("Location: today.php"); } ?> What the code should do: Input the text entered into the database as is. What the code is doing that it should not: If a url is entered, it adds in %5C%22 on either side of the url, messing up the urls entirely. Why is the code doing this all of the sudden when the code was not changed and had been working previously, what can I do to fix this? Quote Link to comment Share on other sites More sharing options...
DarkWater Posted May 5, 2008 Share Posted May 5, 2008 %5C is a backslash (\). You must be using urlencode on a bad pathname. Change your paths to use a forward slash (/). Quote Link to comment Share on other sites More sharing options...
djfox Posted May 5, 2008 Author Share Posted May 5, 2008 How do I do that? Quote Link to comment Share on other sites More sharing options...
DarkWater Posted May 5, 2008 Share Posted May 5, 2008 Which URLs is it adding this on to? Quote Link to comment Share on other sites More sharing options...
djfox Posted May 5, 2008 Author Share Posted May 5, 2008 Every url that is being entered into the form on profile_pets.php (the textarea). Quote Link to comment Share on other sites More sharing options...
DarkWater Posted May 5, 2008 Share Posted May 5, 2008 %5C%22 converts to \t...so it's gotta be that autoTab(this, 200, event) on the onKeyUp handler. Show me the autoTab code and I'll try to fix it. =) Quote Link to comment Share on other sites More sharing options...
DarkWater Posted May 5, 2008 Share Posted May 5, 2008 NEVER MIND. I converted it wrong. %5C%22 is \", so it's an escaped quote. Strip the slashes and use mysql_real_escape_string. Quote Link to comment Share on other sites More sharing options...
djfox Posted May 5, 2008 Author Share Posted May 5, 2008 Strip the slashes and use mysql_real_escape_string. I`m still kind of a new with php, how do I strip the slashes? When in the code do I enter the real_escape line? Quote Link to comment Share on other sites More sharing options...
DarkWater Posted May 5, 2008 Share Posted May 5, 2008 You know, just do this.... Instead of (in the second script): $text = $_POST['text']; Put: $text = str_ireplace("%5C%22", "", $_POST['text']); Quote Link to comment Share on other sites More sharing options...
djfox Posted May 5, 2008 Author Share Posted May 5, 2008 It still wants to enter that extra stuff. Quote Link to comment Share on other sites More sharing options...
DarkWater Posted May 5, 2008 Share Posted May 5, 2008 Do me a favor. Echo out $text for me after you set it equal to the code I gave you and show me the output. Quote Link to comment Share on other sites More sharing options...
djfox Posted May 5, 2008 Author Share Posted May 5, 2008 This is going to be a little hard to explain why I can`t just copy and paste the echo results. The text being pushed through the form is html (which has been used successfully before). So the echo results are being displayed as a html page. The %5C%22 is still being entered. Instead of the images loading, they are just the box (the box that shows there was an image being called but it doesn`t work). Instead of the link being "http://www.pokeplushies.com/feed/321731", it comes out as "http://secrettrance.net/%5C%5C%5C%22http://www.pokeplushies.com/feed/321731%5C%5C%5C%22". Quote Link to comment Share on other sites More sharing options...
DarkWater Posted May 5, 2008 Share Posted May 5, 2008 $to_replace = array("\\", "\""); $text=str_ireplace($to_replace, "", urldecode($_POST['text'])); Put that in and try it. >_> Quote Link to comment Share on other sites More sharing options...
djfox Posted May 5, 2008 Author Share Posted May 5, 2008 EDIT Never mind. It at first worked, now it`s acting up again. Quote Link to comment Share on other sites More sharing options...
DarkWater Posted May 5, 2008 Share Posted May 5, 2008 Any time. No one will EVER need to put a " or a \ in your URL for any reason, right? I mean, I SERIOUSLY doubt it, but I need to ask. Quote Link to comment Share on other sites More sharing options...
djfox Posted May 5, 2008 Author Share Posted May 5, 2008 Sorry, the first run through it worked. Then the second time I did it, it`s refusing to cooperate, doing the same stunt as before. Quote Link to comment Share on other sites More sharing options...
DarkWater Posted May 5, 2008 Share Posted May 5, 2008 > Grr. Show me the output of it now, along with the second script as you have it now. Time to write a regex. =/ Quote Link to comment Share on other sites More sharing options...
djfox Posted May 5, 2008 Author Share Posted May 5, 2008 The best way I can show you the output where you could actually see it would be to go here: http://secrettrance.net/trancer.php?g=97 On the left side, scroll down. You will find a box labeled "Pets". That section shows what the profile_pets phps are entering. Second script as now: <?php //Date: August 30 2007 //For: www.secrettrance.net //Description: Manage Pets include("dbcon.php"); include("func.php"); require_once "design.php"; require_once "auth.php"; $Title = "Secret Trance: Manage Profile"; require_once "header.php"; require_once "hidestatus.php"; session_start(); if (!isLoggedIn()) { Redirect("index.php"); } if ($lev >0 ){ $to_replace = array("\\", "\""); $text=str_ireplace($to_replace, "", urldecode($_POST['text'])); $id = $_POST['id']; mysql_query("UPDATE userdata SET pet_s='$text' WHERE id='$id'"); mysql_close($con); //redirect header("Location: manageprofile.php"); } else { header("Location: today.php"); } ?> EDIT As it turns out other sections this is being done to as well. If we can get this profile_pets fixed, I can get the other ones fixed. Quote Link to comment Share on other sites More sharing options...
DarkWater Posted May 5, 2008 Share Posted May 5, 2008 I see. Show me the first script in its entirety. Quote Link to comment Share on other sites More sharing options...
djfox Posted May 5, 2008 Author Share Posted May 5, 2008 profile_pets.php <?php //Date: August 30 2007 //For: secrettrance.net //Description: Manage Pets include("dbcon.php"); include("func.php"); require_once "design.php"; require_once "auth.php"; $id = $_SESSION['gal']; $Title = "Secret Trance: Manage Profile: Manage Pets"; require_once "header.php"; require_once "hidestatus.php"; session_start(); if (!isLoggedIn()) { Redirect("index.php"); } ?> <script language="JavaScript" type="text/javascript" src="wysiwyg.js"> </script> <p> <table border=0 width=100% bgcolor="000000"><? //2 ?> <tr> <td background="<? echo "$boxbanner"; ?>"><b>Manage Profile: Manage Pets</b> <tr> <td background="<? echo "$boxback"; ?>"> <?php if( $lev > 0){ if( $suspend < 1){ ?> <?php //get the info $res = mysql_query("SELECT id, pet_s FROM userdata WHERE id='$id'"); $rows = mysql_fetch_row($res); mysql_free_result($res); ?> <form enctype="multipart/form-data" action="profile_pets2.php" method="post"> <input type="hidden" name="id" value="<? echo "$id" ?>"> <b>Pets:</b> (Virtual pets gained from other sites.) <br><textarea id="t" rows="8" cols="80" name="text" style="border: 0px; background-color:#000000; color: #B6ABCE;" onKeyUp="return autoTab(this, 200, event);"><? echo "$rows[1]" ?></textarea> <script language="javascript1.2"> generate_wysiwyg('t'); </script> <p> <input type="image" src="<? echo $butupdate ?>" name="submit"> </form> <?php } else { if( $suspend > 0){ echo "Sorry, your account is on suspension. You must wait until suspension expires before you can access this."; } } } ?> </table><? //2 ?> <p> <? require("footer.php"); ?> func.php <?php function emote( $src ){ //Get the emotes $res=mysql_query("SELECT flag,url FROM emote"); while( $r=mysql_fetch_row($res))$em[$r[0]]=$r[1]; mysql_free_result($res); $words=split(":",$src); foreach($words as $word){ if($em[$word]){ $ret.="<img src=$em[$word]>"; }else{ $ret.=$word; } } $ret=str_replace("\\","\\\\",$ret); return $ret; } ?> design.php <?php session_start(); $res = mysql_query("SELECT id,readonly,holiday,hgiham,hghdate FROM site_settings WHERE id='1'"); $site = mysql_fetch_row($res); mysql_free_result($res); if ($site[2] == normal ) { $boxbanner = 'largebanner.png'; $boxback = 'boxback.png'; $boxlarge = 'extrabanner.png'; $link = '0EA252'; $link2 = 'EB1650'; $link3 = '313490'; $link4 = '34778F'; $font = 'B6ABCE'; } elseif ($site[2] == halloween ) { $boxbanner = 'largebanner_halloween.png'; $boxback = 'boxback.png'; $boxlarge = 'extrabanner_halloween.png'; $link = '0EA252'; $link2 = 'EB1650'; $link3 = '313490'; $link4 = '34778F'; $font = 'B6ABCE'; } elseif ($site[2] == christmas ) { $boxbanner = 'largebanner_christmas.png'; $boxback = 'boxback.png'; $boxlarge = 'extrabanner_christmas.png'; $link = '0EA252'; $link2 = 'EB1650'; $link3 = '313490'; $link4 = '34778F'; $font = 'B6ABCE'; } $lev=isset($_SESSION['level2'])?$_SESSION['level2']:0; $suspend=isset($_SESSION['suspend'])?$_SESSION['suspend']:0; $adult=isset($_SESSION['adult'])?$_SESSION['adult']:0; $battle=isset($_SESSION['bat2'])?$_SESSION['bat2']:0; $logged=isset($_SESSION['gal'])?$_SESSION['gal']:0; $loggeduser=$_SESSION['sess_name']; $lala = strftime("%B %e, %Y %H:%M:%S", time()); $checkyear = strftime("%Y", time()); $checkmonth = strftime("%B", time()); $checkday = strftime("%e", time()); $checkhour = date("H"); $checkminute = strftime("%M", time()); if ($lev > 0){ mysql_query("UPDATE userdata SET active='$lala', cyear='$checkyear', cmonth='$checkmonth', cday='$checkday', chour='$checkhour', cminute='$checkminute' WHERE id=$logged"); } if ($checkhour == 0 || $checkhour == 12) { $dayname = "Evening"; $daynum = "2"; } elseif ($checkhour == 1 || $checkhour == 2 || $checkhour == 3 || $checkhour == 4 || $checkhour == 5 || $checkhour == 13 || $checkhour == 14 || $checkhour == 15 || $checkhour == 16 || $checkhour == 17) { $dayname = "Night"; $daynum = "3"; } elseif ($checkhour == 6 || $checkhour == 18) { $dayname = "Morning"; $daynum = "4"; } elseif ($checkhour == 7 || $checkhour == 8 || $checkhour == 9 || $checkhour == 10 || $checkhour == 11 || $checkhour == 19 || $checkhour == 20 || $checkhour == 21 || $checkhour == 22 || $checkhour == 23) { $dayname = "Day"; $daynum = "1"; } $butviewall = 'button_viewall.png'; $butcomment = 'button_comment.png'; $butvote = 'button_vote.png'; $butsearch = 'button_search.png'; $butrate = 'button_rate.png'; $butprev = 'button_previous.png'; $butnext = 'button_next.png'; $butlogin = 'button_login.png'; $butregis = 'button_register.png'; $butsend = 'button_send.png'; $butupload = 'button_upload.png'; $butbuy = 'button_buy.png'; $butmove = 'button_move.png'; $butsendmes = 'button_sendmessage.png'; $butupdate = 'button_update.png'; $butadd = 'button_add.png'; $butdel = 'button_remove.png'; $butup = 'button_up.png'; $butdown = 'button_down.png'; $butleft = 'button_left.png'; $butright = 'button_right.png'; $butwarp = 'button_warp.png'; $butreport = 'button_report.png'; include_once "where.php"; ?> auth.php <?php // Defines DEFINE('SESSION_MAGIC','sadhjasklsad2342'); // Initialization @session_start(); @ob_start(); /* Redirects to another page */ function Redirect($to) { @session_write_close(); @ob_end_clean(); @header("Location: $to"); } /* Deletes existing session */ function RemoveSession() { $_SESSION = array(); if (isset($_COOKIE[session_name()])) { @setcookie(session_name(), '', time()+(60*60*24*365), '/'); } } /* Checks if user is logged in */ function isLoggedIn() { return(isset($_SESSION['magic']) && ($_SESSION['magic']==SESSION_MAGIC)); } /* read message count */ function CountMessages($id) { if ($res=mysql_query("SELECT * FROM messagedata WHERE recBoxID=$id AND isNew=1")) { $count=mysql_num_rows($res); mysql_free_result($res); return($count); } return 0; } /* Go login go! */ function Login($username,$password) { global $nmsg, $rows; $ok=false; if ($res=mysql_query("SELECT id,level,mailNum, echo_count, status, isHold, guildLim, adult, battle, showtime FROM userdata WHERE login='$username' AND password='$password'")) { if ($rows=mysql_fetch_row($res)) { $_SESSION['sess_name'] = $username; $_SESSION['pass'] = $password; $_SESSION['gal'] = $rows[0]; $_SESSION['mail'] = $rows[2]; $_SESSION['level2'] = $rows[1]; $_SESSION['echos'] = $rows[3]; $_SESSION['status'] = $rows[4]; $_SESSION['suspend'] = $rows[5]; $_SESSION['guildnum'] = $rows[6]; $_SESSION['adult'] = $rows[7]; $_SESSION['bat2'] = $rows[8]; $_SESSION['tim'] = $rows[9]; $_SESSION['magic'] = SESSION_MAGIC; $nmsg = CountMessages($rows[0]); $ok=true; } else { include('login_failed.php'); } mysql_free_result($res); } return($ok); } /* Terminates an existing session */ function Logout() { @RemoveSession(); @session_destroy(); } /* Escape array using mysql */ function Escape(&$arr) { if (Count($arr)>0) { foreach($arr as $k => $v) { if (is_array($v)) { Escape($arr[$k]); } else { if (function_exists('get_magic_quotes')) { if(!get_magic_quotes_gpc()) { $arr[$k] = stripslashes($v); } } $arr[$k] = mysql_real_escape_string($v); } } } } // ----------------------------------------------- // Main // ----------------------------------------------- Escape($_POST); Escape($_GET); Escape($_COOKIE); Escape($_REQUEST); Escape($_GLOBALS); Escape($_SERVER); ?> header.php <title><? echo $Title ?></title> <style type="text/css"> <!-- input { font-family: Verdana, Arial, Helvetica, sans-serif; font-size: 13px; color: #B6ABCE; text-decoration: none; background-color: #000000; border-top-width: 0px; border-right-width: 0px; border-bottom-width: 0px; border-left-width: 0px} } --> </style> <META NAME="keywords" CONTENT="online art gallery,art gallery,art,online art,online gallery,free online art gallery,drawings,literature,paintings,fiction,community art,digital art,traditional art,poetry,prose,applications,community,online community,secret,trance,photographs,photos,comics,anime,anthro,anthropomorphic,furry,furries,fantasy,horror,romance,adventure,action,macabre,animals,people,centaurs,unicorns,pegasus,mermaids,dragons,elves,japanese,wallpapers,pictures,image,images,free,artwork,illustrations,graphics,myths,mythology,gothic,games,online games,fantasy art,anime fantasy art,anime furry,anime fantasy,anime furries,anime illustrations,anime arts,pic art,anime illustration,draw art,anime gothic,anime dark,dark art,gothic art gallery,gothic art pictures,gothic art galleries,gothic artists,gothic artist,gothic fairy art,fairies,faeries,goth artist,goth art,goth artists,morbid art,vampire art,vampyr art,gothic pics,scary art,gothic fantasy,gothic anime,gothic drawing,dark gothic,dark goth,gothic death,gothic morbid,dark fantasy art,art sketches,anime original art,vampire fantasy art,vampire images,vampire pics,vampire drawings,vampire sketches,vampire anime,vampire drawing,vampire goth,vampire fantasy,vampire pic,pictures art,demons art,sketches art,vampire horror,pics art,secret trance, customize avatar, dolls"> <META NAME="description" CONTENT="Online community of artists and authors. Online art and literature galleries, customizable avatars, games and more available for free. Many different subjects and genres are available."> <body bgcolor="746D84" text="B6ABCE" link="B6ABCE" vlink="B6ABCE" onLoad="if (self != top) top.location = self.location"> <link REL="SHORTCUT ICON" HREF="favicon.ico"> <table border=0 width=100%> <tr> <td> <a href="today.php"><img src="banner2.png" border=0></a> </table> <?php if ($site[1] == 0) { ?> <? require_once "logged.php"; ?> <?php } else { if ($site[1] == 1){ echo "<table border=0 width=100% bgcolor='000000'><tr><td background='$boxbanner'><b>Read-Only Mode</b>"; echo "<tr><td background='$boxback'>"; echo "Secret Trance is in read-only mode for maintenance. Check back in a few minutes."; echo "</table>"; } } ?> hidestatus.php <script> function hidestatus(){ window.status='' return true } if (document.layers) document.captureEvents(Event.MOUSEOVER | Event.MOUSEOUT) document.onmouseover=hidestatus document.onmouseout=hidestatus </script> dbcon.php <?php //Date: 07/19/2004 //For: www.secrettrance.net //Description: This file is for the database connection $con = mysql_connect("localhost","dbuser","dbpass" ); mysql_select_db("database"); ?> (Personal info in dbcon changed since this is all public.) Quote Link to comment Share on other sites More sharing options...
DarkWater Posted May 5, 2008 Share Posted May 5, 2008 Now, are those other images maybe broken because they were entered BEFORE the new code? Try adding a new pet and see if it works. I realllly think that it should work now...Where's the code that's displaying the pet info in that box? I can make a bandaid fix for the broken image if you show me that code. Quote Link to comment Share on other sites More sharing options...
djfox Posted May 5, 2008 Author Share Posted May 5, 2008 Pretty much what it is that calls that info is: <?php if ($user[30] == 1){ ?> <p> <table border=0 width=100% bgcolor="000000"><? //9 ?> <tr> <td background="<? echo $boxbanner; ?>"><b>Pets</b> <tr> <td background="<? echo $boxback; ?>"> <? echo $user[25] ?> </table><? //9 ?> <?php } ?> Quote Link to comment Share on other sites More sharing options...
DarkWater Posted May 5, 2008 Share Posted May 5, 2008 $user['25']...Example contents of that variable please. I think I can fix it. Show me EXACTLY what $user['25'] would contain. Quote Link to comment Share on other sites More sharing options...
djfox Posted May 5, 2008 Author Share Posted May 5, 2008 It should display: <a href="http://kofk.de/feed.php?id=wizardBelovedDoll"><img src="http://kofk.de/animal.php?id=wizardBelovedDoll" border="0"></a> <br> <a href="http://kofk.de/f.php?id=lordwBelovedDoll"><img src="http://kofk.de/lordwBelovedDoll.jpg" border="0"></a><p><a href="http://kofk.de/f.php?id=ehlBelovedDoll"><img src="http://kofk.de/ehlBelovedDoll.jpg" border="0"></a></p><p><a href="http://www.pokeplushies.com/feed/321731"><img src="http://www.pokeplushies.com/images/adoptables/321731.gif" border="0"><br>Click here to feed me a Rare Candy!</a></p><p><a href="http://www.pokeplushies.com/feed/321737"><img src="http://www.pokeplushies.com/images/adoptables/321737.gif" border="0"><br>Click here to feed me a Rare Candy!</a></p><p><a href="http://www.pokeplushies.com/feed/246470"><img src="http://www.pokeplushies.com/images/adoptables/246470.gif" border="0"><br>Click here to feed me a Rare Candy!</a></p><p><a href="http://www.pokeplushies.com/feed/246473"><img src="http://www.pokeplushies.com/images/adoptables/246473.gif" border="0"><br>Click here to feed me a Rare Candy!</a></p><p><a href="http://www.pokeplushies.com/feed/191283"><img src="http://www.pokeplushies.com/images/adoptables/191283.gif" border="0"><br>Click here to feed me a Rare Candy!</a><br><a href="http://www.pokeplushies.com">Get your own at PokePlushies!</a></p><p><a href="http://www.pokeplushies.com"><img src="http://www.pokeplushies.com/images/plushies/pokemon/493_4.gif" border="0"></a><table border="0"><tbody><tr><td><a href="http://www.pokeplushies.com"><img src="http://www.pokeplushies.com/images/plushies/pokemon/448.gif" border="0"></a></td><td><a href="http://www.pokeplushies.com"><img src="http://www.pokeplushies.com/images/plushies/pokemon/135.gif" border="0"></a></td></tr><tr><td><a href="http://www.pokeplushies.com"><img src="http://www.pokeplushies.com/images/plushies/pokemon/228.gif" border="0"></a></td><td><a href="http://www.pokeplushies.com"><img src="http://www.pokeplushies.com/images/plushies/pokemon/249.gif" border="0"></a></td></tr></tbody></table><br> </p><p> </p><div align="\"\\"\\\\"center\\\\"\\"\""><span style="" rgb(0,="\"\\"\\"\"" 0,="\"\\"\\"\"" 0);\\\\="\"\\"\\"\"">Beloved Doll\\\\\\\'s <a href="http://pokejungle.net/?id=other/pokepet">PokéPet<br><img src="http://pokejungle.net/other/pokepet/trainers/may.png" alt="\"\\"\\\\"\\\\"\\"\"" border="0"> <img src="http://pokejungle.net/other/pokepet/Mewtwo.gif" alt="\"\\"\\\\"\\\\"\\"\"" border="0"></a> <br>Shadow the level 75 Mewtwo!</span></div> <p> </p><div align="\"\\"\\\\"center\\\\"\\"\""><span style="" rgb(0,="\"\\"\\"\"" 0,="\"\\"\\"\"" 0);\\\\="\"\\"\\"\"">Beloved Doll\\\\\\\'s <a href="http://pokejungle.net/?id=other/pokepet">PokéPet<br><img src="http://pokejungle.net/other/pokepet/trainers/may.png" alt="\"\\"\\\\"\\\\"\\"\"" border="0"> <img src="http://pokejungle.net/other/pokepet/Lucario.gif" alt="\"\\"\\\\"\\\\"\\"\"" border="0"></a> <br>Lucario the level 75 Lucario!</span></div> <p> </p><div align="\"\\"\\\\"center\\\\"\\"\""><span style="" rgb(0,="\"\\"\\"\"" 0,="\"\\"\\"\"" 0);\\\\="\"\\"\\"\"">Beloved Doll\\\\\\\'s <a href="http://pokejungle.net/?id=other/pokepet">PokéPet<br><img src="http://pokejungle.net/other/pokepet/trainers/may.png" alt="\"\\"\\\\"\\\\"\\"\"" border="0"> <img src="http://pokejungle.net/other/pokepet/Mew.gif" alt="\"\\"\\\\"\\\\"\\"\"" border="0"></a> <br>Mew the level 75 Mew!</span></div> <p> </p><div align="\"\\"\\\\"center\\\\"\\"\""><span style="" rgb(0,="\"\\"\\"\"" 0,="\"\\"\\"\"" 0);\\\\="\"\\"\\"\"">Beloved Doll\\\\\\\'s <a href="http://pokejungle.net/?id=other/pokepet">PokéPet<br><img src="http://pokejungle.net/other/pokepet/trainers/may.png" alt="\"\\"\\\\"\\\\"\\"\"" border="0"> <img src="http://pokejungle.net/other/pokepet/Suicune.gif" alt="\"\\"\\\\"\\\\"\\"\"" border="0"></a> <br>Suicune the level 75 Suicune!</span></div> <p></p><p><table border="0"><tbody><tr><td><img src="http://i83.photobucket.com/albums/j291/unholylabs/09ss001.gif"> </td><td><img src="http://i83.photobucket.com/albums/j291/unholylabs/09ss002.gif"> </td><td><img src="http://i83.photobucket.com/albums/j291/unholylabs/1031001.gif"> </td></tr><tr> <td><img src="http://i83.photobucket.com/albums/j291/unholylabs/1031002.gif"> </td><td><img src="http://i83.photobucket.com/albums/j291/unholylabs/1031003.gif"></td><td><img src="http://i83.photobucket.com/albums/j291/unholylabs/11215101.gif"></td></tr><tr><td><img src="http://i83.photobucket.com/albums/j291/unholylabs/11215102.gif"></td><td><img src="http://i83.photobucket.com/albums/j291/unholylabs/11215103.gif"></td><td><img src="http://i83.photobucket.com/albums/j291/unholylabs/12007503.gif"></td></tr><tr><td><img src="http://i83.photobucket.com/albums/j291/unholylabs/01008812.gif"></td><td><img src="http://i83.photobucket.com/albums/j291/unholylabs/020802001.gif"></td><td><img src="http://i83.photobucket.com/albums/j291/unholylabs/020802002.gif"></td></tr><tr><td><img src="http://i83.photobucket.com/albums/j291/unholylabs/020802003.gif"></td><td><img src="http://i83.photobucket.com/albums/j291/unholylabs/080400121322.gif"></td><td><img src="http://i83.photobucket.com/albums/j291/unholylabs/080400121323.gif"></td></tr><tr> <td colspan="2"><a href="http://www.unholylabs.net/">Get your own at Unholy Laboratories!</a></td></tr></tbody></table></p> That`s what gets entered into the form. This is the result after the form is submitted and the info above is saved in the database: <a href="%5C%22http://kofk.de/feed.php?id=wizardBelovedDoll%5C%22"><img src="%5C%22http://kofk.de/animal.php?id=wizardBelovedDoll%5C%22" border="0"></a> <br> <a href="%5C%22http://kofk.de/f.php?id=lordwBelovedDoll%5C%22"><img src="%5C%22http://kofk.de/lordwBelovedDoll.jpg%5C%22" border="0"></a><p><a href="%5C%22http://kofk.de/f.php?id=ehlBelovedDoll%5C%22"><img src="%5C%22http://kofk.de/ehlBelovedDoll.jpg%5C%22" border="0"></a></p><p><a href="%5C%22http://www.pokeplushies.com/feed/321731%5C%22"><img src="%5C%22http://www.pokeplushies.com/images/adoptables/321731.gif%5C%22" border="0"><br>Click here to feed me a Rare Candy!</a></p><p><a href="%5C%22http://www.pokeplushies.com/feed/321737%5C%22"><img src="%5C%22http://www.pokeplushies.com/images/adoptables/321737.gif%5C%22" border="0"><br>Click here to feed me a Rare Candy!</a></p><p><a href="%5C%22http://www.pokeplushies.com/feed/246470%5C%22"><img src="%5C%22http://www.pokeplushies.com/images/adoptables/246470.gif%5C%22" border="0"><br>Click here to feed me a Rare Candy!</a></p><p><a href="%5C%22http://www.pokeplushies.com/feed/246473%5C%22"><img src="%5C%22http://www.pokeplushies.com/images/adoptables/246473.gif%5C%22" border="0"><br>Click here to feed me a Rare Candy!</a></p><p><a href="%5C%22http://www.pokeplushies.com/feed/191283%5C%22"><img src="%5C%22http://www.pokeplushies.com/images/adoptables/191283.gif%5C%22" border="0"><br>Click here to feed me a Rare Candy!</a><br><a href="%5C%22http://www.pokeplushies.com%5C%22">Get your own at PokePlushies!</a></p><p><a href="%5C%22http://www.pokeplushies.com%5C%22"><img src="%5C%22http://www.pokeplushies.com/images/plushies/pokemon/493_4.gif%5C%22" border="0"></a><table border="0"><tbody><tr><td><a href="%5C%22http://www.pokeplushies.com%5C%22"><img src="%5C%22http://www.pokeplushies.com/images/plushies/pokemon/448.gif%5C%22" border="0"></a></td><td><a href="%5C%22http://www.pokeplushies.com%5C%22"><img src="%5C%22http://www.pokeplushies.com/images/plushies/pokemon/135.gif%5C%22" border="0"></a></td></tr><tr><td><a href="%5C%22http://www.pokeplushies.com%5C%22"><img src="%5C%22http://www.pokeplushies.com/images/plushies/pokemon/228.gif%5C%22" border="0"></a></td><td><a href="%5C%22http://www.pokeplushies.com%5C%22"><img src="%5C%22http://www.pokeplushies.com/images/plushies/pokemon/249.gif%5C%22" border="0"></a></td></tr></tbody></table><br> </p><p> </p><div align="\"\\"\\\\"\\\\\\\\"center\\\\\\\\"\\\\"\\"\""><span style="" rgb(0,="\"\\"\\\\"\\\\"\\"\"" 0,="\"\\"\\\\"\\\\"\\"\"" 0);\\\\\\\\="\"\\"\\\\"\\\\"\\"\"">Beloved Doll\\\\\\\\\\\\\\\'s <a href="%5C%22http://pokejungle.net/?id=other/pokepet%5C%22">PokéPet<br><img src="%5C%22http://pokejungle.net/other/pokepet/trainers/may.png%5C%22" alt="\"\\"\\\\"\\\\\\\\"\\\\\\\\"\\\\"\\"\"" border="0"> <img src="%5C%22http://pokejungle.net/other/pokepet/Mewtwo.gif%5C%22" alt="\"\\"\\\\"\\\\\\\\"\\\\\\\\"\\\\"\\"\"" border="0"></a> <br>Shadow the level 75 Mewtwo!</span></div> <p> </p><div align="\"\\"\\\\"\\\\\\\\"center\\\\\\\\"\\\\"\\"\""><span style="" rgb(0,="\"\\"\\\\"\\\\"\\"\"" 0,="\"\\"\\\\"\\\\"\\"\"" 0);\\\\\\\\="\"\\"\\\\"\\\\"\\"\"">Beloved Doll\\\\\\\\\\\\\\\'s <a href="%5C%22http://pokejungle.net/?id=other/pokepet%5C%22">PokéPet<br><img src="%5C%22http://pokejungle.net/other/pokepet/trainers/may.png%5C%22" alt="\"\\"\\\\"\\\\\\\\"\\\\\\\\"\\\\"\\"\"" border="0"> <img src="%5C%22http://pokejungle.net/other/pokepet/Lucario.gif%5C%22" alt="\"\\"\\\\"\\\\\\\\"\\\\\\\\"\\\\"\\"\"" border="0"></a> <br>Lucario the level 75 Lucario!</span></div> <p> </p><div align="\"\\"\\\\"\\\\\\\\"center\\\\\\\\"\\\\"\\"\""><span style="" rgb(0,="\"\\"\\\\"\\\\"\\"\"" 0,="\"\\"\\\\"\\\\"\\"\"" 0);\\\\\\\\="\"\\"\\\\"\\\\"\\"\"">Beloved Doll\\\\\\\\\\\\\\\'s <a href="%5C%22http://pokejungle.net/?id=other/pokepet%5C%22">PokéPet<br><img src="%5C%22http://pokejungle.net/other/pokepet/trainers/may.png%5C%22" alt="\"\\"\\\\"\\\\\\\\"\\\\\\\\"\\\\"\\"\"" border="0"> <img src="%5C%22http://pokejungle.net/other/pokepet/Mew.gif%5C%22" alt="\"\\"\\\\"\\\\\\\\"\\\\\\\\"\\\\"\\"\"" border="0"></a> <br>Mew the level 75 Mew!</span></div> <p> </p><div align="\"\\"\\\\"\\\\\\\\"center\\\\\\\\"\\\\"\\"\""><span style="" rgb(0,="\"\\"\\\\"\\\\"\\"\"" 0,="\"\\"\\\\"\\\\"\\"\"" 0);\\\\\\\\="\"\\"\\\\"\\\\"\\"\"">Beloved Doll\\\\\\\\\\\\\\\'s <a href="%5C%22http://pokejungle.net/?id=other/pokepet%5C%22">PokéPet<br><img src="%5C%22http://pokejungle.net/other/pokepet/trainers/may.png%5C%22" alt="\"\\"\\\\"\\\\\\\\"\\\\\\\\"\\\\"\\"\"" border="0"> <img src="%5C%22http://pokejungle.net/other/pokepet/Suicune.gif%5C%22" alt="\"\\"\\\\"\\\\\\\\"\\\\\\\\"\\\\"\\"\"" border="0"></a> <br>Suicune the level 75 Suicune!</span></div> <p></p><p><table border="0"><tbody><tr><td><img src="%5C%22http://i83.photobucket.com/albums/j291/unholylabs/09ss001.gif%5C%22"> </td><td><img src="%5C%22http://i83.photobucket.com/albums/j291/unholylabs/09ss002.gif%5C%22"> </td><td><img src="%5C%22http://i83.photobucket.com/albums/j291/unholylabs/1031001.gif%5C%22"> </td></tr><tr> <td><img src="%5C%22http://i83.photobucket.com/albums/j291/unholylabs/1031002.gif%5C%22"> </td><td><img src="%5C%22http://i83.photobucket.com/albums/j291/unholylabs/1031003.gif%5C%22"></td><td><img src="%5C%22http://i83.photobucket.com/albums/j291/unholylabs/11215101.gif%5C%22"></td></tr><tr><td><img src="%5C%22http://i83.photobucket.com/albums/j291/unholylabs/11215102.gif%5C%22"></td><td><img src="%5C%22http://i83.photobucket.com/albums/j291/unholylabs/11215103.gif%5C%22"></td><td><img src="%5C%22http://i83.photobucket.com/albums/j291/unholylabs/12007503.gif%5C%22"></td></tr><tr><td><img src="%5C%22http://i83.photobucket.com/albums/j291/unholylabs/01008812.gif%5C%22"></td><td><img src="%5C%22http://i83.photobucket.com/albums/j291/unholylabs/020802001.gif%5C%22"></td><td><img src="%5C%22http://i83.photobucket.com/albums/j291/unholylabs/020802002.gif%5C%22"></td></tr><tr><td><img src="%5C%22http://i83.photobucket.com/albums/j291/unholylabs/020802003.gif%5C%22"></td><td><img src="%5C%22http://i83.photobucket.com/albums/j291/unholylabs/080400121322.gif%5C%22"></td><td><img src="%5C%22http://i83.photobucket.com/albums/j291/unholylabs/080400121323.gif%5C%22"></td></tr><tr> <td colspan="2"><a href="%5C%22http://www.unholylabs.net/%5C%22">Get your own at Unholy Laboratories!</a></td></tr></tbody></table></p> Quote Link to comment Share on other sites More sharing options...
DarkWater Posted May 5, 2008 Share Posted May 5, 2008 Okay. This is going to be harder than I thought. =/ You should really consider making a pets table and linking it based on user_id....but that's for another day. You can do uhh...Wow. There's nothing really you can do to clean that up. It's very messy...You need to change all the database entries to not include those HTML entities. >_> Because if you try and remove quotes, it'll remove them on the HTML too. <?php $userstuff = explode("\"", $user[25]); $notallowed = array("\\", "\""); foreach ($userstuff as $v) { if (strpos("http://", $v) !== FALSE) { $v = str_ireplace($notallowed, "", urldecode($userstuff)); } $newuser[] = $v; } echo implode("", $newuser); ?> OKAY. THAT'S REALLY CONVOLUTED but it should work. You can try that as a bandaid for now, but REALLY clean up your database. Quote Link to comment Share on other sites More sharing options...
Recommended Posts
Join the conversation
You can post now and register later. If you have an account, sign in now to post with your account.