Jump to content

php/mysql code problem


mrjameer

Recommended Posts

iam storing a variable in db as follows
$str='<html><b>ABCD</b></html>';
by using insert query,i put it in mysql db.

in my second program iam creating one textbox and inserting it in db as follows
$textbox1='name<input type="text" name="t1" value="<?php echo $str;?>">';
by using insert query iam storing it in db....

finally i have written a third program to retrieve these textboxes with $str values from db;but iam getting textbox with <?php echo $str;?> value.but i want to get <html><b>ABCD</b></html> in that textbox.please tell me how to do it.


//program for storing html code in db
<?php
$var1='<html><b>ABCD</b></html>';
$var2='<html><h3>EFGH</h3></html>';
$var3='<html><b>IJKL</b></html>';
$var4='<html><b>MNOP</b></html>';

$conn4=mysql_connect("localhost","","");
mysql_select_db("mrj",$conn4);
function escape_quotes( $html )
{
if ( get_magic_quotes_gpc() )
{
return( $html );
}
else
{
return( addslashes( $html ) );
}
}

$var1 = escape_quotes( $var1 );
$var2 = escape_quotes( $var2 );
$var3 = escape_quotes( $var3 );
$var4= escape_quotes( $var4 );
$sql="INSERT INTO mak VALUES('$var1','$var2','$var3','$var4')";
$result=mysql_query($sql,$conn4);
echo "record inserted";
?>

//program for storing textboxes with some values in db
<?php
$conn4=mysql_connect("localhost","","");
mysql_select_db("mrj",$conn4);

$va1='variable1<input type="text" name="vars1" size="35" value ="' .$var1.'"><br>';
$va2='variable2<input type="text" name="vars2" size="35" value ="' .$var2.'"><br>';
$va3='variable3<input type="text" name="vars3" size="35" value ="' .$var3.'"><br>';

$va4='variable4<input type="text" name="vars4" size="35" value ="' .$var4.'"><br>';
$updates='<input type="submit" value="update" onclick="this.form.action=\'upd.php\'"><br>';

function escape_quotes( $html )
{
if ( get_magic_quotes_gpc() )
{
return( $html );
}
else
{
return( addslashes( $html ) );
}
}

$va1 = escape_quotes( $va1 );
$va2 = escape_quotes( $va2 );
$va3 = escape_quotes( $va3 );
$va4 = escape_quotes( $va4 );
$updates = escape_quotes( $updates );

$sql="INSERT INTO sampl1 VALUES('$va1','$va2','$va3','$va4','$updates')";
$result=mysql_query($sql,$conn4) or die (mysql_error());
echo "record inserted";
?>

//program for retriving the textboxes with the values from db (the values which i stored in db by writing first program)
<?php
$conn4=mysql_connect("localhost","","");
mysql_select_db("mrj",$conn4);
$sql="SELECT * FROM sampl1";
$result=mysql_query($sql,$conn4);
while($newarray=mysql_fetch_array($result))
{
$va1=$newarray['va1'];
$va2=$newarray['va2'];
$va3=$newarray['va3'];
$va4=$newarray['va4'];
$updates=$newarray['updates'];
echo $va1."".$va2."".$va3."".$va4."".$updates;
}
?>

with this code either iam getting the value in textbox is <?php echo $str;?> like that or some blank textboxes.please help me to solve my problem

mrjameer :)
Link to comment
Share on other sites

First: please only post once, close the other post

Its note wise to store HTM code into a DB

do
[code]
<?php
$str = str_replace("<html>","[html]",$str);
$str = str_replace("</html>","[/html]",$str);
?>
[/code]

The reason u do str_replace <html> not str_replace < is because someone could easily inject code in there


Link to comment
Share on other sites

This thread is more than a year old. Please don't revive it unless you have something important to add.

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.

Guest
Reply to this topic...

×   Pasted as rich text.   Restore formatting

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.

×
×
  • Create New...

Important Information

We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.