sql format problem

[shadiadiph]

why is it when I save a piece of text such as 'stars' to my sql database in a varchar row it saves as ???Stars???

[Maq]

How are you "saving" it?  Can we see some ???code???

[shadiadiph]

user inputs it into a usual input form filed then it posts to a submit page

 

$headline = $_POST["headline"];

 

then just a regular insert to database insert to headline and value $headline ???

 

 

[shadiadiph]

headline in the database is headline is set to varchar(255)

 

there is nothing odd about anything on the insert but seems to chage 'stars' to ???stars??? seems to change ' into ???

[fenway]

Are you using a DB class?

[shadiadiph]

yes i am

[fenway]

Then it's broken.

[shadiadiph]

i have been using this since day one but recently i have started thinking that maybe i shouldn't use it?

 

 

<?PHP
error_reporting(7);
// db class for mysql
// this class is used in all scripts
// do NOT fiddle unless you know what you are doing

class DB_Sql_vb {
  var $database = "";

  var $link_id  = 0;
  var $query_id = 0;
  var $record   = array();

  var $errdesc    = "";
  var $errno   = 0;
  var $reporterror = 1;

  var $server   = "localhost";
  var $user     = "root";
  var $password = "";

  var $appname  = "website.com";
  var $appshortname = "apa";

  var $technicalemail = "[email protected]";

  function connect() {
    global $usepconnect;
    // connect to db server

    if ( 0 == $this->link_id ) {
      if ($this->password=="") {
        if ($usepconnect==1) {
          $this->link_id=mysql_pconnect($this->server,$this->user);
        } else {
          $this->link_id=mysql_connect($this->server,$this->user);
        }
      } else {
        if ($usepconnect==1) {
          $this->link_id=mysql_pconnect($this->server,$this->user,$this->password);
        } else {
          $this->link_id=mysql_connect($this->server,$this->user,$this->password);
        }
      }
      if (!$this->link_id) {
        $this->halt("Link-ID == false, connect failed");
      }
      if ($this->database!="") {
        if(!mysql_select_db($this->database, $this->link_id)) {
          $this->halt("cannot use database ".$this->database);
        }
      }
    }
  }

  function close() {
     mysql_close($this->link_id);
  }

  function geterrdesc() {
    $this->error=mysql_error();
    return $this->error;
  }

  function geterrno() {
    $this->errno=mysql_errno();
    return $this->errno;
  }

  function select_db($database="") {
    // select database
    if ($database!="") {
      $this->database=$database;
    }

    if(!mysql_select_db($this->database, $this->link_id)) {
      $this->halt("cannot use database ".$this->database);
    }

  }

  function query($query_string) {
    global $query_count,$showqueries,$explain,$querytime;
    // do query

    if ($showqueries) {
      echo "Query: $query_string\n";

      global $pagestarttime;
      $pageendtime=microtime();
      $starttime=explode(" ",$pagestarttime);
      $endtime=explode(" ",$pageendtime);

      $beforetime=$endtime[0]-$starttime[0]+$endtime[1]-$starttime[1];

      echo "Time before: $beforetime\n";
    }

    $this->query_id = mysql_query($query_string,$this->link_id);
    if (!$this->query_id) {
      $this->halt("Invalid SQL: ".$query_string);
    }

    $query_count++;

    if ($showqueries) {
      $pageendtime=microtime();
      $starttime=explode(" ",$pagestarttime);
      $endtime=explode(" ",$pageendtime);

      $aftertime=$endtime[0]-$starttime[0]+$endtime[1]-$starttime[1];
      $querytime+=$aftertime-$beforetime;

      echo "Time after:  $aftertime\n";

      if ($explain and substr(trim(strtoupper($query_string)),0,6)=="SELECT") {
        $explain_id = mysql_query("EXPLAIN $query_string",$this->link_id);
        echo "</pre>\n";
        echo "
        <table width=100% border=1 cellpadding=2 cellspacing=1>
        <tr>
          <td><b>table</b></td>
          <td><b>type</b></td>
          <td><b>possible_keys</b></td>
          <td><b>key</b></td>
          <td><b>key_len</b></td>
          <td><b>ref</b></td>
          <td><b>rows</b></td>
          <td><b>Extra</b></td>
        </tr>\n";
        while($array=mysql_fetch_array($explain_id)) {
          echo "
          <tr>
            <td>$array[table] </td>
            <td>$array[type] </td>
            <td>$array[possible_keys] </td>
            <td>$array[key] </td>
            <td>$array[key_len] </td>
            <td>$array[ref] </td>
            <td>$array[rows] </td>
            <td>$array[Extra] </td>
          </tr>\n";
        }
        echo "</table>\n<BR><hr>\n";
        echo "\n<pre>";
      } else {
        echo "\n<hr>\n\n";
      }
    }

    return $this->query_id;
  }

  function fetch_array($query_id=-1,$query_string="") {
    // retrieve row
    if ($query_id!=-1) {
      $this->query_id=$query_id;
    }
    if ( isset($this->query_id) ) {
      $this->record = mysql_fetch_array($this->query_id);
    } else {
      if ( !empty($query_string) ) {
        $this->halt("Invalid query id (".$this->query_id.") on this query: $query_string");
      } else {
        $this->halt("Invalid query id ".$this->query_id." specified");
      }
    }

    return $this->record;
  }
  
  function fetch_object($query_id=-1,$query_string="") {
    // retrieve row
    if ($query_id!=-1) {
      $this->query_id=$query_id;
    }
    if ( isset($this->query_id) ) {
      $this->record = mysql_fetch_object($this->query_id);
    } else {
      if ( !empty($query_string) ) {
        $this->halt("Invalid query id (".$this->query_id.") on this query: $query_string");
      } else {
        $this->halt("Invalid query id ".$this->query_id." specified");
      }
    }

    return $this->record;
  }

  function free_result($query_id=-1) {
    // retrieve row
    if ($query_id!=-1) {
      $this->query_id=$query_id;
    }
    //return @mysql_free_result($this->query_id);
  }

  function query_first($query_string) {
    // does a query and returns first row
    $query_id = $this->query($query_string);
    $returnarray=$this->fetch_array($query_id, $query_string);
    $this->free_result($query_id);
    return $returnarray;
  }

  function data_seek($pos,$query_id=-1) {
    // goes to row $pos
    if ($query_id!=-1) {
      $this->query_id=$query_id;
    }
    return mysql_data_seek($this->query_id, $pos);
  }

  function num_rows($query_id=-1) {
    // returns number of rows in query
    if ($query_id!=-1) {
      $this->query_id=$query_id;
    }
    return mysql_num_rows($this->query_id);
  }

  function num_fields($query_id=-1) {
    // returns number of fields in query
    if ($query_id!=-1) {
      $this->query_id=$query_id;
    }
    return mysql_num_fields($this->query_id);
  }

  function insert_id() {
    // returns last auto_increment field number assigned

    return mysql_insert_id($this->link_id);

  }

  function halt($msg) {
    $this->errdesc=mysql_error();
    $this->errno=mysql_errno();
    // prints warning message when there is an error
    global $scriptpath, $contactemail;

    if ($this->reporterror==1) {
      $message="Database error in $this->appname: $msg\n";
      $message.="mysql error: $this->errdesc\n";
      $message.="mysql error number: $this->errno\n";
      $message.="Date: ".date("l dS of F Y h:i:s A")."\n";
      $message.="Script: " . (($scriptpath) ? $scriptpath : getenv("REQUEST_URI")) . "\n";
      $message.="Referer: ".getenv("HTTP_REFERER")."\n";

      @mail ($this->technicalemail.",".$contactemail,"$this->appshortname Database error!",$message,"From: \"".getenv("HTTP_HOST")."\" <$contactemail>");

      echo "\n\n<!-- $message -->\n\n";

      echo "<p>There seems to have been a slight problem with the database.\n";
      echo "Please try again by pressing the refresh button in your browser.</p>";
      echo "An E-Mail has been dispatched to our <a href=\"mailto:$contactemail\">Technical Staff</a>, who you can also contact if the problem persists.</p>";
      echo "<p>We apologize for any inconvenience. View the page source to display error.</p>";
      
      die("");
    }
  }
}
?>

[fenway]

No idea... I don't understand any of that.

 

All I'm saying is that you need to confirm that the input you provide to the DB class is what you expect, but that the output isn't -- which means it's flawed.

[shadiadiph]

ok thanks

[Maq]

If you post the code that creates the instance of this class, the methods invoked, and echo what you're passing to it then we may be able to help you.

[shadiadiph]

heres the relevant submit part of the code that is for a nornaml form with standard with nornal form elements

 

<?PHP
      ini_set ("display_errors", "1");
      error_reporting(E_ALL);
include("../../checkadminlogin.php");
include("../../../global/connection.php");

$action		= $_POST["action"];
if($action=="")
$action           = $_GET["action"];
$newsid         	= ($_POST["newsid"]);
$headlinesh  	= ($_POST["headline"]);
$headline     	= ($_POST["headline"]);
$article     	= ($_POST["article"]));
$newsdate     	= ($_POST["newsdate"]);
$sent       	= ($_POST["sent"]);



if($action=="add")
{
	$insertsql ="insert into tblnewsdetails (headlinesh, headline, article, newsdate, sent) values ('$headlinesh', '$headline', '$article', now(), 'No' )";		
	$DB_site->query($insertsql);
	header("Location:upnews.php");
	exit;
}	

[fenway]

If you post the code that creates the instance of this class, the methods invoked, and echo what you're passing to it then we may be able to help you.

Please don't ask for this in the future... this is purely a php issue... moving it there.