Jump to content

Recommended Posts

substr(clean($res['StudentName']),0,strrpos($res['StudentName'],' '));
substr(clean($res['StudentName']),(strrpos($res['StudentName'],' ')+1));

 

If the following is the case:

 

	function clean($str) {
	$str = @trim($str);
	if(get_magic_quotes_gpc()) {
		$str = stripslashes($str);
	}
	return mysql_real_escape_string($str);
}

$res['StudentName'] = Testy "Mc" Testerson

Link to comment
https://forums.phpfreaks.com/topic/189311-what-should-this-return/
Share on other sites

substr(clean($res['StudentName']),0,strrpos($res['StudentName'],' '));

Nothing as it is not assigned to a variable! However your function will return a string that is safe to use in a database query

<?php
$res['StudentName'] = "Joe Bloggs";
// Will store 'Joe' in $firstname
$firstname = substr(clean($res['StudentName']),0,strrpos($res['StudentName'],' '));
// insert into database
$result = mysql_query("INSERT INTO students SET firstname='".$firstname."'");
?>

Also using the substr() function is not the best way to split the students name into parts

substr(clean($res['StudentName']),0,strrpos($res['StudentName'],' '));

Nothing as it is not assigned to a variable! However your function will return a string that is safe to use in a database query

<?php
$res['StudentName'] = "Joe Bloggs";
// Will store 'Joe' in $firstname
$firstname = substr(clean($res['StudentName']),0,strrpos($res['StudentName'],' '));
// insert into database
$result = mysql_query("INSERT INTO students SET firstname='".$firstname."'");
?>

Also using the substr() function is not the best way to split the students name into parts

 

I figured you could assume that the echo was before the substr's  :P

But I need to know what it should do with the str Testy "Mc" Testerson

I thought that the first should return Testy "Mc" and the second should return Testerson but it's not. It's returning Testy / and the second is returning nothing. What would be better than substr?

What would be better than substr?

<?php
$res['StudentName'] = 'Testy "Mc" Testerson';

$nameParts = explode(" ", $res['StudentName']);
// you can view the parts of the name using print_r
// print_r($nameParts);
for($x = 0; $x < count($nameParts)-1; $x++) {
$firstname .= clean($nameParts[$x]);
}
$lastname = clean($nameParts[count($nameParts)-1]);
print $firstname." ".$lastname;
?>

What would be better than substr?

<?php
$res['StudentName'] = 'Testy "Mc" Testerson';

$nameParts = explode(" ", $res['StudentName']);
// you can view the parts of the name using print_r
// print_r($nameParts);
for($x = 0; $x < count($nameParts)-1; $x++) {
$firstname .= clean($nameParts[$x]);
}
$lastname = clean($nameParts[count($nameParts)-1]);
print $firstname." ".$lastname;
?>

 

A bit longer but truly a better idea ;)

I still have one problem though. I took out the clean. This is actually reading it from a database and displaying it in a textbox. I realized I didn't want the clean until i was inserting it back into the database. My problem however is that I can save the quoted names to the database but I cannot display them in the text box correctly.

Probably because the name contains a " and is causing a textfield to cut short in its value param. Remove quotes from a person's name. Nobody should have a quote in their name!

 

Unfortunately I got retards that do put quotes in their name and since this is a public system that is automatic I won't be able to get them to stop :(

Is there any way that I can make it account for it?

Is there any way that I can make it account for it?

Prior to any insert strip them out!

$name = 'Joe "idiot" Bloggs";
$name = str_replace('"',"", strip_tags($name));

I would run a replace command on your database to get rid of them. If you cannot then convert them into their html entity before displaying in a text field.

<input type="text" name="name" value="<?php print htmlentities($res['StudentName']); ?>" />

yes

 

So I've tried doing both of the following with the clean function and it is still storing the quotes :/

 

	function clean($str) {
	$str = @trim($str);
	str_replace('\"',"", strip_tags($str));
	if(get_magic_quotes_gpc()) {
		$str = stripslashes($str);
	}
	return mysql_real_escape_string($str);
}

function clean($str) {
	$str = @trim($str);
	str_replace('"',"", strip_tags($str));
	if(get_magic_quotes_gpc()) {
		$str = stripslashes($str);
	}
	return mysql_real_escape_string($str);
}

When using php functions you must check what the return value of the fuction is!

You have added the str_replace function but not stored its return value

str_replace('\"',"", strip_tags($str));

 

should be

// remove any " from $str also strip any HTML tags
$str = str_replace('"',"", strip_tags($str));

When using php functions you must check what the return value of the fuction is!

You have added the str_replace function but not stored its return value

str_replace('\"',"", strip_tags($str));

 

should be

// remove any " from $str also strip any HTML tags
$str = str_replace('"',"", strip_tags($str));

 

Lol dumb mistake >< Thanks a lot buddy! You've helped a lot!

This thread is more than a year old. Please don't revive it unless you have something important to add.

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.

Guest
Reply to this topic...

×   Pasted as rich text.   Restore formatting

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.

×
×
  • Create New...

Important Information

We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.