Jump to content

Special Characters: _GET option not working

EternalSorrow

By EternalSorrow
in PHP Coding Help

 Share

Recommended Posts

EternalSorrow Member

EternalSorrow

Posted
Posted

I currently have a database which holds over 1100 titles, and several of them have special characters.  The database is viewed by means of a select box, and when any title is clicked the visitor is taken, via javascript, to a page showing information for that title.

 

Unfortunately when the title has a special character, even something as simple as an apostrophe, the visitor is taken to an empty page.  I use the _GET option to retrieval the title, and all I can assume is such a function isn't capable of handling special characters.

 

Any ideas on how to change the _GET portion of the code, or any other, for that matter, to accommodate for special characters?

 

Here's the code for the title page which visitors are taken to:

 

<?php

if (!is_numeric($_GET["title"]) && !empty($_GET["title"]) && $_GET["title"]!="")
{
$title = $_GET["title"];
}

mysql_connect(localhost,user,pw);
@mysql_select_db(db) or die( "Unable to select database");

$query="SELECT * FROM archives WHERE `title` = '$title' GROUP BY author ORDER BY title asc ";
$result = mysql_query( $query ) or die(mysql_error());

$i=2;

while ($row = mysql_fetch_array($result))
{
extract($row);

$contents_here = '<li><a href="'.$url.'" target="_blank">'.$title.'</A> by <a href="author.php?author='.$author.'">'.$author.'</A></li>';

if ($i==0)
{
echo ''.$contents_here.'';
}

else if ($i==2)
{
echo ''.$title.'</div>
<ol>
'.$contents_here.'';
}

else
{
echo ''.$contents_here.'';
}

$i++; $i=$i%2;

}
echo '</ol>';

?>

EternalSorrow Member

EternalSorrow

Posted
  • Author
Posted

Using the id won't really work because there are several stories with the same title, but different authors.  I don't want the select box to show all duplicate titles, so I have it set up that if the visitor clicks a title the page will show all stories under that title.  Doing it by id means some stories will never be viewable, or that all duplicate titles will have to be shown in the select box.

premiso Regular Member

premiso

Posted
Posted

mysql_real_escape_string

 

$title = isset($_GET["title"])?mysql_real_escape_string($_GET["title"]):null;

 

Should solve that issue. You should escape any string/text data going into the database with that function to prevent sql injection and errors with characters that cause mysql errors.

EternalSorrow Member

EternalSorrow

Posted
  • Author
Posted

mysql_real_escape_string

 

$title = isset($_GET["title"])?mysql_real_escape_string($_GET["title"]):null;

 

That helped slightly by allowing titles with parenthesis to show, but any titles with an apostrophe (except if they have parenthesis) or the more unusual ტ are still showing empty pages.

 

Here's the modified code:

<?php

mysql_connect(localhost,user,pw);
@mysql_select_db(db) or die( "Unable to select database");

if (!is_numeric($_GET["title"]) && !empty($_GET["title"]) && $_GET["title"]!="")
{
$title = isset($_GET["title"])?mysql_real_escape_string($_GET["title"]):null;
}

$query="SELECT * FROM archives WHERE `title` = '$title' GROUP BY author ORDER BY title asc";
$result = mysql_query( $query ) or die(mysql_error());

$i=2;

while ($row = mysql_fetch_array($result))
{
extract($row);

$contents_here = '<li><a href="'.$url.'" target="_blank">'.$title.'</A> by <a href="author.php?author='.$author.'">'.$author.'</A></li>';

if ($i==0)
{
echo ''.$contents_here.'';
}

else if ($i==2)
{
echo ''.$title.'</div>
<ol>
'.$contents_here.'';
}

else
{
echo ''.$contents_here.'';
}

$i++; $i=$i%2;

}
echo '</ol>';

?>

premiso Regular Member

premiso

Posted
Posted

Well the next issue is your charset, your DB charset is probably latin, this should UTF-8 for special characters. Your page that you submit the data to the DB to should also be in UTF-8 format for proper usage.

 

Try changing the DB charset to UTF-8 and defining your pages charset to also be UTF-8 using either header or the meta tag in HTML.

  • 3 weeks later...
This thread is more than a year old. Please don't revive it unless you have something important to add.

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.

Guest
Reply to this topic...

×   Pasted as rich text.   Restore formatting

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.

×
 Share
Go to topic listing
×
×
  • Create New...

Important Information

We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.