Title only showing first word once sent to database

[Smudly]

Users can type in a url in my form, along with a title for that url (anything they want). For the title however, once it is stored into the database, all that is shown is the first word. How can I fix this?

 

This is what my code looks like:

 

$title = str_replace(' ','%20',$title);

[kenrbnsn]

I really don't think that's all of your code. Please post the rest.

[Smudly]

This is on page 1:

 

$title = str_replace(' ','%20',$title);

 

After an If statement, it redirects to another page:

 

header("Location: confirmsite.php?url=$url&credits=$credits&title=$title");

 

On that page, I have:

 

$title = $_REQUEST['title'];
$queryconfirm = mysql_query("INSERT INTO websites VALUES ('','$_SESSION[userid]','$url','$credits','','y','','$title')") or die("Error submitting url, try again");

[kenrbnsn]

Where are the values for $url, $title, and $credits coming from?  If you had posted your entire script, I wouldn't have to ask.

 

If you're putting any variable into a URL, you should use the function urlencode on it's value to ensure that all characters are encoded correctly.

<?php
header("Location: confirmsite.php?url=" urlencode($url) . "&credits=" . urlencode($credits) . "&title=" . urlencode($title));
?>

 

When inserting data into a MySQL database always use the function mysql_real_escape_string on the values. Also, since you know the data is coming from the URL, use $_GET instead of $_REQUEST.

 

<?php
$title = mysql_real_escape_string(stripslashes($_GET['title']));
$url = mysql_real_escape_string(stripslashes($_GET['url']));
$credits = mysql_real_escape_string(stripslashes($_GET['credits']));
$q = "INSERT INTO websites VALUES ('','$_SESSION[userid]','$url','$credits','','y','','$title')";
$queryconfirm = mysql_query($q) or die("Problem with the query: $q<br>" . mysql_error());
?>

 

Use my "or die" clause when debugging your code, when it's in production, you can use yours.

 

Ken

[Smudly]

Here are the two pages of code. Hopefully this gives a better idea of what is going on.

 

// sites.php //

<?php
session_start();



$submit = $_POST['submit'];

$title = $_POST['title'];
$title = str_replace(' ','%20',$title);
$url = strip_tags($_POST['url']);
$credits = strip_tags($_POST['credits']);



//////////////////////////////

if ($submit)
{

include('inc/connect.php');

$userid = $_SESSION[userid];


  

// Check if URL is Valid
if (preg_match("/^(http(s?):\/\/|ftp:\/\/{1})((\w+\.){1,})\w{2,}$/i", $url)) {
            
              //Check if URL is a Duplicate for current user			
		$results = mysql_query("SELECT * FROM `websites` WHERE `userid`='$userid' AND `url`='$url'");
                        $rows = mysql_num_rows($results);


		if ($rows<=0)
		{

			//mysql_query("INSERT INTO websites VALUES ('','$userid','$url','$credits','','','','$title')") or die("Error submitting url, try again");
                                //echo "Your Site Has Been Submitted";
                                header("Location: confirmsite.php?url=$url&credits=$credits&title=$title");
                                exit();

		}
		else{
			echo "You have already submitted that site";
		}
	}
else {
	echo "Invalid URL";
	}
}

?>
<html>
<head>
<link rel="stylesheet" type="text/css" href="styles/sites.css" />
</head>
<body>

<form action="sites.php" method="POST">
      <div id="sites">
           URL: <input type="text" name="url" value="http://"><br />
           Title: <input type="text" name="title" maxlength="60" value="<?php echo $title ?>"><br />
           Max Views Daily: <input type="text" maxlength="11" name="credits" value="<?php echo $credits ?>"><br />

           <input type="submit" name="submit" value="Submit Site">
           
      </div>
</form>

</body>
</html>

 

// confirmsite.php //

<?php
session_start();
$url = $_GET['url'];
$confirm = $_GET['confirm'];
$credits = $_REQUEST['credits'];
$title = $_REQUEST['title'];


if (isset($confirm)){
include('inc/connect.php');

$queryconfirm = mysql_query("INSERT INTO websites VALUES ('','$_SESSION[userid]','$url','$credits','','y','','$title')") or die("Error submitting url, try again");
echo "<meta http-equiv=\"refresh\" content=\"0;url=sites.php\">";
exit;

}


?>

<html>
<head>
<link rel="stylesheet" type="text/css" href="styles/surfbar.css" />
<title>Confirm Website</title>
<script type="text/javascript">

var time = 10;

function startCountdown(){
    var t = setTimeout("countdown()", 1000);
}

function countdown(){
var uRl = "<?php echo $url;?>";
var cRedits = "<?php echo $credits;?>";
var tItle = "<?php echo $title;?>";

    --time;
    if(time == 0){
        document.getElementById("countdown").innerHTML = "<a href=?confirm&url=<?php echo $url;?>&credits=<?php echo $credits;?>&title=<?php echo $title;?> name=confirm>Confirm</a>";

    }else{
        document.getElementById("countdown").innerHTML = time;
        var t = setTimeout('countdown()', 1000);
    }
}
</script>

</head>
<body onload="startCountdown();">
<table width="100%" height="100%" cellspacing="0" cellpadding="0" border="0">
<?php

echo "<tr><td style=\"background:#333333;height:80px;border-bottom:#aaaaaa solid 2px;\">";
include('confirmbar.php');
echo "</td></tr>";
?>

<tr><td>
<iframe src="<?php echo $url;?>" width="100%" height="100%" frameborder="0" marginwidth="0" marginheight="0">
  <p>Your browser does not support iframes.</p>
</iframe>
</td></tr>

</table>
</body>

</html>

 

My Database is as follows:

 

Database name: websites

 

Field Type Null Default Comments

id int(11) No   

userid int(11) No   

url varchar(2083) No   

credits int(11) No  0 

stats int(11) No  0 

active tinytext No   

status text No   

title varchar(50) No   

 

 

Thanks

 

[kenrbnsn]

Did you try my suggestions?

 

Ken

[Smudly]

Yes, I did. They didn't work.