Jump to content

Recommended Posts

I have the following code that outputs a url. It searches my MySQL database for the name of a given item within a theme:

 

$relative = 'http://www.domain.com/wp-content/';
$url1= $relative . 'themes/arjuna-x/itemspec.php?type=';
$url2='&item=';

<a class="entry-thumbnails-link" href="<?php echo $url1.'Themes'.$url2.$rowThemes['Theme']; ?>">

 

The output is as follows:

http://www.domain.com/wp-content/themes/arjuna-x/itemspec.php?type=Themes&item=(insert variable here)

 

All is good up to this point.

 

My problem however, is that some items (in this case: theme names) have apostrophes in them. For example: April Fool's.

 

This results in breaking my php code.

 

How can I get php to call these variables with apostrophes so that they don't break my php?

Link to comment
https://forums.phpfreaks.com/topic/220763-php-passing-variables-to-url/
Share on other sites

My database isn't finding the item after retrieving it:

 

<a href="<?php echo $url1.'Themes'.$url2.urlencode($rowThemes['Theme']); ?>">

 

The url appears as:

http://www.domain.com/wp-content/themes/arjuna-x/itemspec.php?type=Themes&item=April+Fool%27s

 

My itemspec.php code:

<?php include("../../../wp-blog-header.php"); ?>

<?php
  if (isset($_GET['item'])) {

include("variables.php");

switch (trim($table)) {
    case 'Mystery':
$Name = 'Mystery';
break;
case 'Themes':
$Name = 'Theme';
break;
    default:
$Name = 'Name';
break;
}

switch (trim($table)) {
    case 'Themes':
$sql = "SELECT * FROM " . $table . " WHERE ". $Name . " = '" . mysql_real_escape_string($item) . "'";
break;
    default:
$sql = "SELECT * FROM " . $table . " LEFT JOIN " . $table . "Themes USING ($Name) LEFT JOIN " . $table . "Methods USING ($Name) WHERE " . $table . "." . $Name . " = '" . mysql_real_escape_string($item) . "'";
break;
}

    $answer = mysql_query($sql);
    if ($answer) {
      if (mysql_num_rows($answer) > 0) {
        $row = mysql_fetch_assoc($answer);
?>

BUNCH OF SITE STUFF


<?php
      } else {
        echo "No $table found by that name.";
    }
  } else {
    echo "No type found by that name.";
  } 
  } else {
    echo "No type or item selected.";
  }
?>

 

The error I'm getting is:

No Themes found by that name.

 

The code is working for those themes without postrophes.

Using rawurlencode and rawurldecode results in this being stored in the variable:

 

Children\'s Hospital

 

Using urlencode and urldecode results in this being stored in the variable:

 

UCSF Benioff Children\'s Hospital

 

 

So both methods result in the same incorrect output. Is there any way to rectify this?

IF the slashes are in your database, there is no way for us to know how they got there unless you explain how the data is entered. Are the slashes in your data?

 

IF there are slashes in your data, you probably don't want them there, so fixing your data (and fixing whatever is adding slashes) seems logical to me. The alternative is to leave everything malfunctioning and write additional code to get around the problem. always.

Ah, I thought you were talking about the apostrophes and not the slashes.

 

 

The slashes are defininately not in the database. I have no clue what is causing the slashes to appear.

 

The url is called using this:

<a class="entry-thumbnails-link" href="<?php echo $url1.'Themes'.$url2.urlencode($rowThemes['Theme']); ?>">

 

Where:

 

$relative = 'http://www.domain.com/wp-content/';
$url1= $relative . 'themes/itemspec.php?type=';
$url2='&item=';

 

with $rowThemes['Theme'] containing the Theme name (in this case: Children's Hosiptal).

 

The url results in this:

http://localhost/wp-content/themes/itemspec.php?type=Themes&item=Children%27s%20Hospital

 

the item is then called using this:

$item = stripslashes(urldecode($_GET['item']));

 

 

Obviously, I would prefer it if I did not have to use stripslashes.

Okay, it must be the server adding slashes to GET variables due to magic_quotes being turned on. You'll need to either continue using stripslashes() or turn off magic_quotes via php.ini. Or account for both possibilities by checking for magic_quotes before using stripslashes():

 

if (get_magic_quotes_gpc()) {
$item = stripslashes($item);
}

This thread is more than a year old. Please don't revive it unless you have something important to add.

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.

Guest
Reply to this topic...

×   Pasted as rich text.   Restore formatting

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.

×
×
  • Create New...

Important Information

We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.