Jump to content

[SOLVED] Storing and retreiving Html in MySQL database

brittainm

By brittainm
in PHP Coding Help

Recommended Posts

brittainm Newbie

brittainm

Posted
Posted

I have a site which uses a MYSQL data base to store snipits of HTML to create the webpages. I am trying to write a PHP program to allow me to view and update these snipits so that I do not need to use PHPMYadmin directly.

 

The issue I have is that if I place any special chatactes in the form text area they collect slashes with each update thus " becomes \" then \\" etc.

 

I am using $snippit=htmlentities($result) before I display the field then $result=mysql_real_escape_string(html_entity_decode($_POST["snippit"]))) before I put it back into the database.

 

Any suggestions as to what I am doing wrong or any examples of how I can do this correctly.

cooldude832 Advanced Member

cooldude832

Posted
Posted

I've had this problem also

 

to output (this will output html and php execution)

<?php
			$row = mysql_fetch_assoc($r);
			ob_start();
			eval('?>'.html_entity_decode($row['Content']));
			ob_end_flush();

make a query to fit that

 

 

Then my inputting is done using the following bit its pulled out of my CMS so you will need to mod to fit your need but basic idea is there

Also the file type on the content field I use is binary so I get around all that special character issues

<?php
if(!empty($_POST['id'])){
	$q = "Select ContentID from `".CONTENT_TABLE."` Where ContentID = '".input_clean($_POST['id'])."'";
	$r = mysql_query($q) or die(mysql_error()."<br /><br />".$q);
		if(mysql_num_rows($r) >0){
			$update['content'] = 1;
			$run_q = 1;

			if(empty($_POST['page'])){
				$this->error_repot("Page was empty was empty",1);
				$run_q = 0;
			}
			$q = "Select ContentID from `".CONTENT_TABLE."` Where Name = '".input_clean($_POST['page'])."' and ContentID != '".input_clean($_POST['id'])."'";
			$r = mysql_query($q) or die(mysql_error()."<br /><br />".$q);
			if(mysql_num_rows($r) >0){
				$this->error_repot("The page is already in use",1);
				$run_q = 0;
			}
			if($run_q == "1"){
				$q = "Update `".CONTENT_TABLE."` SET 
					Name = '".input_clean($_POST['page'])."',
					Title = '".input_clean($_POST['title'])."',
					DateModified = NOW() ";

				#Post Process
				if($_FILES['content']['error'] != '0'){
					$this->error_report("Invalid Upload on Content.",1);
					$update['content'] = 0;
				}
				if($_FILES['content']['size'] > $MAX_SIZE){
					$this->error_report("Too large of a file on Content",1);
					$update['content'] = 0;
				}
				if($update['content'] == '1'){
					#move the file content temporary
					$tmp_name = $this->userid."_".date("U").".txt";
					$tmp_pos = $_SERVER['DOCUMENT_ROOT']."/uploads/".$tmp_name;					
					move_uploaded_file($_FILES['content']['tmp_name'],$tmp_pos);
					#insert the content into the query as binary
					$q .= ", Content = '".mysql_real_escape_string(file_get_contents($tmp_pos, FILE_BINARY))."' ";
					$this->error_report("Content Updated",0);
					#delete tmp file
					unlink($tmp_pos);
				}		

				$q .= " Where ContentID = '".input_clean($_POST['id'])."'";
				$r = mysql_query($q) or die(mysql_error()."<br /><br />".$q);
			}
		}
	else{
		$this->error_report("Invalid Content",1);
	}
}
?>

 

 

So basically 3 things

 

1) Use a blob field (if u need to search it make a search able field in mysql that is text

2) Insert as binaries

3) Output as described above.

Archived

This topic is now archived and is closed to further replies.

Go to topic listing
×
×
  • Create New...

Important Information

We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.