
[SOLVED] strange problem involving forms


farban


First of all, I wasn't sure where to post this, but I'm sure that someone can help me with this problem.

I have an update/edit function which allows me to edit a post. When I paste in pure text from a Word document and press update on the form, the date is updated successfully. But if I copy paste like some text in from a website or forum (sometimes pure text or with emoticons) it says that it can't update (can't execute query).

It seems to me that the form can only update a certain type of text (I'm sorry, it's really hard to explain).

I was wondering if there is a way I can paste any type of text into my form so that clicking update will send that data. I dunno if it's something to do with format or languages or something.

 

 

 

here is my sql database if it helps

 

CREATE TABLE `pages` (
  `page_id` tinyint(4) NOT NULL auto_increment,
  `title` varchar(50) NOT NULL,
  `messege` text NOT NULL,    -- the field that I try to update in the form
  PRIMARY KEY  (`page_id`)
) ENGINE=MyISAM  DEFAULT CHARSET=latin1 AUTO_INCREMENT=107 ;

 

any help would be nice if u can provide it please

 

example i can paste this into the form and it WILL update:

 

In my primary school days when I was young I would always create characters or objects by drawing or using Lego blocks. This developed into a great hobby of mine, as I loved the idea of creating something from nothing. Whenever I got free time I would always doodle or draw in my books creating new objects and characters and sometimes even developing them with narrative to give them meaning. In secondary school my hobby grew as my imagination expanded. I created a variety of different characters, environments and objects in my drawings and tried to inject atmosphere and meaning into various drawings. I completed secondary school and went into sixth form to take a levels in history, sociology and product design. I did this so I could have a broad career pathway and because I was interested in following history as a pathway. As I progressed in sixth form I gradually found it boring and unsatisfying for what I wanted. I felt my wants and needs change. My interest in history was

 

example i can paste this into the form and it WON'T update:

 

The open philosophy of most wikis, allowing anyone to edit content, does not ensure that every editor is well-meaning. Vandalism can be a major problem. In larger wiki sites, such as those run by the Wikimedia Foundation, vandalism can go unnoticed for a period of time. Wikis by their very nature are susceptible to intentional disruption, known as "trolling". Wikis tend to take a soft security[14] approach to the problem of vandalism; making damage easy to undo rather than attempting to prevent damage. Larger wikis often employ sophisticated methods, such as bots that automatically identify and revert vandalism and JavaScript enhancements that show characters that have been added in each edit. In this way vandalism can be limited to just "minor vandalism" or "sneaky vandalism", where the characters added/eliminated are so few that bots do not identify them and users do not pay much attention to them.

 

The amount of vandalism a wiki receives depends on how open the wiki is. For instance, some wikis allow unregistered users, identified by their IP addresses, to edit content, whilst others limit this function to just registered users. Most wikis allow anonymous editing without an account,[15] but give registered users additional editing functions; on most wikis, becoming a registered user is a short and simple process. Some wikis require an additional waiting period before gaining access to certain tools. For example, on the English Wikipedia, registered users can only rename pages if their account is at least four days old. Other wikis such as the Portuguese Wikipedia use an editing requirement instead of a time requirement, granting extra tools after the user has made a certain number of edits to prove their trustworthiness and usefulness as an editor. Basically, "closed up" wikis are more secure and reliable but grow slowly, whilst more open wikis grow at a steady rate but result in being an easy target for vandalism. A clear example of this would be that of Wikipedia and Citizendium. The first is extremely open, allowing anyone with a computer and internet access to edit it, making it grow rapidly, whilst the latter requires the users' real name and a biography of themselves, affecting the growth of the wiki but creating an almost "vandalism-free" ambiance.

 

Link to comment
Share on other sites

Are you running the text through mysql_real_escape_string() before putting into your SQL?

 

$sql = "UPDATE tablename SET fieldname = '".mysql_real_escape_string($_POST['mytext'])."' WHERE idfield = '123'";
mysql_query($sql)
  or die(mysql_error());

 

Also, make sure you use that mysql_error() part, as it provides valuable error info

Link to comment
Share on other sites

also here is the code for the update page in which i paste the data and try to update it if this is any further help.

 

 

 

 

<html>
<head>
<title>Edit An Article</title>
<meta http-equiv="Content-Type" content="text/html; charset=iso-8859-1">
<style type="text/css">
<!--

.box {
font-family: Arial, Helvetica, sans-serif;
font-size: 12px;
border: 1px solid white;
background-color:#3a3839;
color:white;
}
body {
background-color:#3a3839;
}
a:link {
color:white;
text-decoration: none;
a:visited {
color: white;
text-decoration: none;
a:hover {
color: blue;
text-decoration: none;
}
a:active {color: white;
text-decoration: none;
}
-->
</style>
</head>

<body>

<?php
include 'library/config.php';
include 'library/opendb.php';

if(isset($_GET['page_id']))
{
  $query  = "SELECT page_id, title, messege ".
            "FROM pages ".
            "WHERE page_id = '{$_GET['page_id']}'";
  $result = mysql_query($query) or die('Error : ' . mysql_error());
  list($page_id, $title, $messege) = mysql_fetch_array($result, MYSQL_NUM);

  $messege = htmlspecialchars($messege);
}
else if(isset($_POST['save']))
{
  $page_id = $_POST['page_id'];
  $title = $_POST['title'];
  $messege = $_POST['messege'];

  if(!get_magic_quotes_gpc())
  {
      $title = addslashes($title);
      $messege = addslashes($messege);
  }

  // update the article in the database

}

include 'library/closedb.php';
?>
<form method="post" action="updatepost.php">
<input type="hidden" name="page_id" value="<?=$page_id;?>">
<table width="700" border="0" cellpadding="2" cellspacing="1" class="box">
<tr>
<td width="100">Title</td>
<td><input name="title" type="text" class="box" id="title" value="<?=$title;?>"></td>
</tr>
<tr>
<td width="100">Content</td>
<td><textarea name="messege"  cols="50" rows="10" class="box" id="messege"><?=$messege;?></textarea></td>
</tr>
<tr>
<td width="100"> </td>
<td> </td>
</tr>
<tr>
<td colspan="2" align="center"><input name="update" type="submit" class="box" id="save" value="Update Article"></td>
</tr>
</table>
<p align="center"><a href="template.php?page=adminpanel">Click here to go back to the admin panel</a></p>
</form>
</body>
</html>

Link to comment
Share on other sites

Next time, please use the code button (it's the one with the # sign on it)....

 

But try replacing this:

   $page_id = $_POST['page_id'];
   $title = $_POST['title'];
   $messege = $_POST['messege'];

   if(!get_magic_quotes_gpc())
   {
      $title = addslashes($title);
      $messege = addslashes($messege);
   }

with

   $page_id = mysql_real_escape_string($_POST['page_id']);
   $title = mysql_real_escape_string($_POST['title']);
   $messege = mysql_real_escape_string($_POST['messege']);

// Magic Quotes is obsolete. If you are running an older 
// version of PHP, you should disable magic_quotes
//   if(!get_magic_quotes_gpc())
//   {
//      $title = addslashes($title);
//      $messege = addslashes($messege);
//   }

Link to comment
Share on other sites

doesn't seem to be working...the color code should be green for mysql escape string but it's staying black...

here are the updated changes

 

<html>
<head>
<title>Edit An Article</title>
<meta http-equiv="Content-Type" content="text/html; charset=iso-8859-1">
<style type="text/css">
<!--

.box {
font-family: Arial, Helvetica, sans-serif;
font-size: 12px;
border: 1px solid white;
background-color:#3a3839;
color:white;
}
body {
background-color:#3a3839;
}
a:link {
color:white;
text-decoration: none;
}   
a:visited {
color: white;
text-decoration: none;
}  
a:hover {
color: blue;
text-decoration: none;
} 
a:active {color: white;
text-decoration: none;
}
-->
</style>
</head>

<body>


<?php
include 'library/config.php';
include 'library/opendb.php';

if(isset($_GET['page_id']))
{
   $query  = "SELECT page_id, title, messege ".
             "FROM pages ".
             "WHERE page_id = '{$_GET['page_id']}'";
   $result = mysql_query($query) or die('Error : ' . mysql_error());
   list($page_id, $title, $messege) = mysql_fetch_array($result, MYSQL_NUM);

   $messege = htmlspecialchars($messege);
}
else if(isset($_POST['save']))
{
   $page_id = mysql_real_escape_string ($_POST['page_id']);
   $title = mysql_real_escape_string ($_POST['title']);
   $messege = mysql_real_escape_string ($_POST['messege']);


   
}

include 'library/closedb.php';
?>
<form method="post" action="updatepost.php">
<input type="hidden" name="page_id" value="<?=$page_id;?>">
<table width="700" border="0" cellpadding="2" cellspacing="1" class="box">
<tr>
<td width="100">Title</td>
<td><input name="title" type="text" class="box" id="title" value="<?=$title;?>"></td>
</tr>
<tr>
<td width="100">Content</td>
<td><textarea name="messege"  cols="50" rows="10" class="box" id="messege"><?=$messege;?></textarea></td>
</tr>
<tr>
<td width="100"> </td>
<td> </td>
</tr>
<tr>
<td colspan="2" align="center"><input name="update" type="submit" class="box" id="save" value="Update Article"></td>
</tr>
</table>
<p align="center"><a href="template.php?page=adminpanel">Click here to go back to the admin panel</a></p>
</form>
</body>
</html>

Link to comment
Share on other sites

Where is the code to update the table? In your original code, you had:

  // update the article in the database

which I took for a placeholder for the code you have to update the table. Do you not have code for the ACTUAL update? I also assumed you did cus you said you had a test case that worked...

Link to comment
Share on other sites

this may be what you're asking for

 

<?php
include 'library/config.php';
include 'library/opendb.php';


$submit=$_POST['submit'];
$page_id=$_POST['page_id'];
//$date=$_GET['date'];
$title=$_POST['title'];
$messege=$_POST['messege'];


//$menu_id = mysql_insert_id();

mysql_query("UPDATE pages SET title = '$title', messege ='$messege'
WHERE page_id = '$page_id'") or die ("Couldn't execute query.");


echo "Thank's for updating the post entitled
<strong>$title</strong> in the database";


include 'library/closedb.php';

echo '<br><br><br><a href="template.php?page=adminpanel">Click here to go back to the admin panel</a>';
?>

 

this is a page which the form submits the data to so that it's updated

Link to comment
Share on other sites

YES....wrap that func around those POST values:

 

$page_id=mysql_real_escape_string($_POST['page_id']);
$title=mysql_real_escape_string($_POST['title']);
$messege=mysql_real_escape_string($_POST['messege']);

Link to comment
Share on other sites
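
An added example, not code from any poster in this thread: it reproduces the failure using a fragment of the text that would not update, then runs the same UPDATE with bound parameters, which removes the need for escaping altogether. It assumes PDO with an in-memory SQLite database standing in for the MySQL connection so it runs offline; the helper names `updateByInterpolation` and `updateWithPlaceholders` are hypothetical.

```php
<?php
// Added example, not code from the thread. An in-memory SQLite database
// stands in for the MySQL connection so the script runs offline.
$pdo = new PDO('sqlite::memory:');
$pdo->setAttribute(PDO::ATTR_ERRMODE, PDO::ERRMODE_EXCEPTION);
$pdo->exec("CREATE TABLE pages (
    page_id INTEGER PRIMARY KEY,
    title   VARCHAR(50) NOT NULL,
    messege TEXT NOT NULL)");
$pdo->exec("INSERT INTO pages (page_id, title, messege) VALUES (1, 'Old title', 'old text')");

// Constructed form input: a fragment of the text that would not update.
$post = [
    'page_id' => '1',
    'title'   => 'Wikis',
    'messege' => 'the latter requires the users\' real name and a biography',
];

// Hypothetical helper: the query built as in updatepost.php, by interpolation.
function updateByInterpolation(PDO $pdo, array $post): string
{
    $sql = "UPDATE pages SET title = '{$post['title']}', messege = '{$post['messege']}'
            WHERE page_id = '{$post['page_id']}'";
    try {
        $pdo->exec($sql);
        return 'updated';
    } catch (PDOException $e) {
        // The apostrophe in "users'" closes the SQL string literal early.
        return 'failed: ' . $e->getMessage();
    }
}

// Hypothetical helper: the same update with bound parameters.
function updateWithPlaceholders(PDO $pdo, array $post): string
{
    $stmt = $pdo->prepare('UPDATE pages SET title = :title, messege = :messege WHERE page_id = :id');
    $stmt->bindValue(':title', $post['title'], PDO::PARAM_STR);
    $stmt->bindValue(':messege', $post['messege'], PDO::PARAM_STR);
    $stmt->bindValue(':id', (int) $post['page_id'], PDO::PARAM_INT);
    $stmt->execute();
    return 'updated ' . $stmt->rowCount() . ' row(s)';
}

echo updateByInterpolation($pdo, $post), "\n";
echo updateWithPlaceholders($pdo, $post), "\n";
echo $pdo->query('SELECT messege FROM pages WHERE page_id = 1')->fetchColumn(), "\n";
```

The Word text in the first post contains no apostrophe, which is why it went through; any pasted text with a single quote breaks the interpolated query, and the same gap lets a submitted value rewrite the statement.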
