Jump to content

Recommended Posts

I have a database that has as a field `businessname`. I do a number of things with this field that are working fine, like populating textboxes, printing out as echo in any number of uses (<?php echo Recordset1['businessname'] ?>).  But for some reason when I try to echo in precisely the same fashion in an automated gmail all I get is "Pete's Coffee" and none of the subsequent text that normally accompanies the name of the business appears.  I know that the & is a special character but just as I have no idea why it is causing an error to be thrown, I can't understand why it appears fine in others.

 

Given that the string resides in fine shape in the database (with apostrophe and ampersand intact)

is there something I can do to sanitize the string when retreived by a query so it can be used in all applications?

 

Any help will be appreciated.

 

Jim

Edited by jcg31
Link to comment
https://forums.phpfreaks.com/topic/277232-problem-with-string-petes-coffee-tea/
Share on other sites

Um yeah, we need to see some code, but I'll hazard a guess you're trying to pass this name as a url parameter, and because the '&' is a separator for url's you get apparent truncation. When you utilize a string in a url, you need to urlencode() it.

Sorry folk, was out of town, thank you for the responses.

 

Here is the code written by Amit Sarwara and adapted for my purpose;

<?php
 
 // PHP5 Implementation - uses MySQLi.
 // Written by Amit Sarwara
 // mysqli('localhost', 'yourUsername', 'yourPassword', 'yourDatabase');
  
     $db = new mysqli('127.0.0.1', 'root' ,'', 'progadad');
 
 if(!$db) {
  // Show error if we cannot connect.
  echo 'ERROR: Could not connect to the database.';
 } else {
  // Is there a posted query string?
  if(isset($_POST['queryString'])) {
   $queryString = $db->real_escape_string($_POST['queryString']);
   
   // Is the string length greater than 0?
   if(strlen($queryString) >0) {
    
    // Run the query: We use LIKE '$queryString%'
    // The percentage sign is a wild-card, in my example of countries it works like this...
    // $queryString = 'Uni';
    // Returned data = 'United States, United Kindom';
    
    // YOU NEED TO ALTER THthE QUERY TO MATCH YOUR DATABASE.
    // eg: SELECT yourColumnName FROM yourTable WHERE yourColumnName LIKE '$queryString%' LIMIT 10
    
    $query = $db->query("SELECT id, ProspectName, prospectorFullName, assignedrep  FROM captureddata WHERE ProspectName LIKE '$queryString%' LIMIT 8");
    if($query) {
     // While there are results loop through them - fetching an Object (i like PHP5 btw!).
     while ($result = $query ->fetch_object()) {
      // Format the results, im using <li> for the list, you can change it.
      // The onClick function fills the textbox with the result.
      
      // YOU MUST CHANGE: $result->value to $result->your_colum
             //print_r($result);
      $theresult=addslashes($result->ProspectName);
     echo <<<html
     <li onClick="fill('{$result->ProspectName}','{$result->id}','{$result->assignedrep}','1');">{$result->ProspectName}</li>
html;
            }
    } else {
     echo 'ERROR: There was a problem with the query.';
    }
   } else {
    // Dont do anything.
   } // There is a queryString.
  } else {
   echo 'There should be no direct access to this script!';
  }
 }
 
?>

Did you post the right part of code? I thought you said it was something to do with "businessname" and sending emails.

 

Ah, yes, sorry, and thanks for sticking with me.  The field with the special character issue is actually "ProspectName" not "businessname' as mentioned in my first post.  I mistakenly posted the wrong code because it was my more recent discovery of the issue with "PropspectName".  In that case it is the apostrophe with the line of code immediately below (from the code offering above). If I eliminate the apostrophe the prospect name will populate the textbox in an ajax search, with the apostrophe included it won't.

 

Code fails at:

   <li onClick="fill('{$result->ProspectName}','{$result->id}','{$result->assignedrep}','1');">{$result->ProspectName}</li>

 

 

 

 

 

With the code below the issue is the ampersand,  take it out and all the copy that is suppose to follow appears, put it in and the last word that appears is "Coffee" (of Pete's Coffee & Tea)

 

. . .

<?php
 
  /*Recordset1*/
$colname_Recordset1 = "-1";
if (isset($_GET['id'])) {
  $colname_Recordset1 = $_GET['id'];
}
mysql_select_db($database_localserver, $localserver);
$query_Recordset1 = sprintf("SELECT * FROM captureddata WHERE id = %s", GetSQLValueString($colname_Recordset1, "int"));
$Recordset1 = mysql_query($query_Recordset1, $localserver) or die(mysql_error());
$row_Recordset1 = mysql_fetch_assoc($Recordset1);
$totalRows_Recordset1 = mysql_num_rows($Recordset1);
$val=$totalRows_Recordset1;
  ?>

...Table with bunches of content not affecting issue ...

</label></td>
        </tr>
       <tr>
         <td height="24" align="right">
         <td height="24" align="right"><?php 	$RepName=
 
		 $row_Recordset1['assignedrep'];
 		$firstLast= explode(" ",$RepName);
		$firstName=$firstLast[0]
            ?>
<?php $myToString= $row_Recordset2['email'];?><!-- email recipient --> 
<?php $mySubjectString="New Prospect Assignment"; ?>
<?php $myCCString= $row_Recordset3['mgrEmail']; ?>
<?php $myMgrSignoff= $row_Recordset3['mgrFirstName']; ?>
<?php $myPptrName= $row_Recordset1['ProspectorsName']; ?>
<?php $myIDName= $row_Recordset1['id']; ?>


<?php if ($myToString==""){$myToString="You need to make the assignment before sending email.";}?>
<input type="submit" name="btnSubmit" id="btnSubmit" value="Assign to Account Rep" onmousedown= "mymailfunction()" />
        <tr>
          <td height="24" align="right">        
          <td height="24" align="right"> <a href ="https://mail.google.com/mail/?view=cm&ui=2&tf=0&fs=1&to=<?php echo $row_Recordset2['email'];?>&su=New Prospect Assignment&body=
<?php echo $firstName.", ";?>%0D%0A%0D%0A
I have assigned  <?php echo $row_Recordset1['ProspectName']; ?> as a new prospect for you to call on this week.%0D%0A%0D%0ADetails of the prospect profile created by <?php echo $row_Recordset1['prospectorFullName']; ?> can be found at http://www.nccmprospects.com/narrativeonly.php?id=<?php echo $myIDName;?> .%0D%0A%0D%0APlease claim your lead by going to http://www.nccmprospects.com/AdRepInputNnav.php?id=<?php echo $myIDName;?> and selecting the Claimed radio button. %0D%0A%0D%0AThen as you make progress on the account, please update your progress by returning to the prospecting tool and selecting the 'Update Progress' in the 'Goto My Sales' section of the website.%0D%0A%0D%0AThanks,%0D%0A<?php echo $myMgrSignoff;?>

"TARGET="_blank">SEND EMAIL</a>

with the cod above it fails at

 

I have assigned  <?php echo $row_Recordset1['ProspectName']; ?> as a new prospect for you to call on...

 

 

Edited by jcg31
This thread is more than a year old. Please don't revive it unless you have something important to add.

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.

Guest
Reply to this topic...

×   Pasted as rich text.   Restore formatting

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.

×
×
  • Create New...

Important Information

We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.