how to accept all special characters for php mysql? pls, urgent.

[angel1987]

Hello all,

 

This is related to php and mysql both. Basically i want to accept all special characters on keyboard, store them in mysql database and display them through php on a webpage.

 

So can anyone please let me know just the syntax? I have used stripslashes, addslashes, mysql_real_escape_string, etc but i am not sure how to use it in combination since i keep getting issues.

 

So this is to solve the problem all at once, if i get a correct syntax that can accept all spe. characters on keyboard?

 

eg: ~`!@#$%^&*()-=_+{}[]\|:";'<>?,./

 

Issue : Basically, i have created an article submission script but my boss seems to be using a hell of special characters in it,so i am tired finding which character is creating the issue and how to solve it. Article wont just display because of that one or some char.

[PFMaBiSmAd]

If you use mysql_real_escape_string() on that list of characters to escape the \, the ', and the " in it (the characters that have special meaning when inside SQL string data), you can insert that list of characters into a mysql database table.

 

However, since some of those characters also have meaning in HTML, you would need to convert them to htmlentities when you output them as data on a web page to keep from breaking the HTML on the page.

 

What exact problem or symptom are you having.

[angel1987]

I have used mysql_real_escape_string() while adding to database.

 

Then used htmlentities() to convert string from database for displaying.

 

Every article is displayed fine.

Here is the article page : http://dombivlidirectory.com/article.php?title=Sachin Chintamani Karle

Here is the category page : http://dombivlidirectory.com/category.php?id=459

 

category page displays a part of the main article with its direct link, but the above article is not displayed on category page, some character seems to be causing that issue.

 

 

[angel1987]

help, anyone?

[jdavidbakr]

Is he copying and pasting from Word?  That's a gauntlet that you don't want to go down if you can help it ... you might be able to find a script that will replace all the wacky characters with html-compatible ones, I don't know.  I've had to write my own for this purpose, it was a process of taking the characters one at a time and building some regex to fix it.

 

You might also check to make sure all your character sets match - make sure that apache and mysql are using the same character sets.

[angel1987]

He does not copy paste from ms word, but it seems he thinks he is typing in word while using that web application. He adds contents that contains many special characters.

 

And that is what i am looking for, if anyone can just give me the proper syntax then that would be great, because there are so many methods, htmlentities, htmlspecialchars, stripslashes, addslashes, etc thats why i am confused, and not sure how to use them in combination.

 

BTW how to set the character set for php apache, mysql on web server?

[jdavidbakr]

How is he entering the wacky characters?  What if you stripped non-ascii characters, or are they pertinent to the document?  You could set the collation of the field in the database to ascii_general_ci maybe.

[angel1987]

Actually all characters are from the keyboard, none from outside.

 

example :  ~!@#$%^&*()_+`-={}|[]\:";'<>?,./

 

How am i able to enter those here, this is a SMF forum, what technic does this forum use?

[jdavidbakr]

If it's just those characters, then I'm kind of confused as to why htmlentities() isn't giving you a string that you can display.  Can you isolate the section of the string that's causing the issue?  Are you just echoing the data or are you using something like DomDocument do draw it?

[PFMaBiSmAd]

Are you using ENT_QUOTES as the second parameter in htmlentities()?

[angel1987]

ok, htmlentities worked, and the problem was never with single or double quotes, it was with backslash. i sorted it out too. now i can insert all special characters in database and read it and display it on web page.

 

but how to handle it in WHERE clause?

 

for example the query is :

article.php?title=~!@#$%^&*()_+`-={}|[]\\\\:\\\";\\\'<>?,./,./<>?&category=somecategory

 

article.php is taking the title from url :

$title = $_GET['title'];

 

So the query becomes

"SELECT * FROM articles WHERE title = '$title'";

It gives me this error

You have an error in your SQL syntax; check the manual that corresponds to your MySQL server version for the right syntax to use near '?,./'' at line 1

 

 

 

 

[jdavidbakr]

Sanitize your input -

 

$title = mysql_real_escape_string($_GET['title']);