error 406

[pacojr10]

I get a 406 not acceptable error when I post to my mysql db a string containing "https://.....

 

The strange thing is that I only get it on one of the values, but it accepts it on another field.

The field it accepts with any value including the above is for the video field which is weird.

But for the "archivo" field it would not let me add the value and it gives me the error.

 

This is the complete error:

406 Not acceptable  //page title Not Acceptable  //page

An appropriate representation of the requested resource /ccr/clases.php could not be found on this server.

Additionally, a 404 Not Found error was encountered while trying to use an ErrorDocument to handle the request.

 

 

 

 

 

please help,

here is my code:

 

 <?php 

 if(isset($_POST['Guardar'])){

 $semana=$_POST['semana'];

 $video=$_POST['video'];

 $archivo=$_POST['archivo'];

 $nombre=$_POST['nombre'];

 $leccion=$_POST['leccion'];

 

 //verificar si la semana ya existe 

 $existe=mysql_num_rows(mysql_query("SELECT semana FROM `clases` WHERE semana='$semana'"));

 if($existe==0){

 mysql_query("INSERT INTO clases VALUES('$semana','$nombre','$archivo','$leccion','$video')");

 }

 else{

 mysql_query("UPDATE `clases` SET `nombre`='$nombre', `archivo`='$archivo', `nombre_leccion`='$leccion', `video`='$video' WHERE `semana`='$semana';");

   }

 header("Location: clases.php");

 }

 ?>

     

         <button type="button" class="btn btn-inverse" data-toggle="collapse" data-target="#demo">AGREGAR</button>     

         

    <div id="demo" class="collapse">    

     

     <form class="form-horizontal" action="" method="post">

     

     <div class="control-group">     

        <label class="control-label" for="inputEmail">NOMBRE:</label>

        <div class="controls">

        <input class="input-xxlarge" type="text" name="nombre" id="nombre" placeholder="NOMBRE">

        </div>

     </div>

     

     <div class="control-group">     

        <label class="control-label" for="inputEmail">VIDEO:</label>

        <div class="controls">

        <input class="input-xlarge" type="text" name="video" id="video" placeholder="URL VIDEO">

        </div>

     </div>

     

     <div class="control-group">

        <label class="control-label" for="inputEmail">LECCIÓN:</label>

        <div class="controls">

        <input class="input-xlarge" type="text" name="leccion" id="leccion" placeholder="NOMBRE DE LECCIÓN">

        </div>

     </div>

     

     <div class="control-group">

        <label class="control-label" for="inputEmail">ARCHIVO:</label>

        <div class="controls">

        <input class="input-xxlarge" type="text" name="archivo" id="archivo" placeholder="URL ARCHIVO">

        </div>

     </div>

    

    <div class="control-group">

        <label class="control-label" for="inputEmail">SEMANA:</label>

        <div class="controls">

        <select name="semana" id="semana" class="span2">

        <?php for($i=1;$i<=52;$i++){ ?>

        <option value="<?php echo $i; ?>"><?php echo $i; ?></option>

        <?php } ?>

      </select>

        </div>

     </div>   

    

     <div class="control-group">

<div class="controls">

<button type="submit" name="Guardar" class="btn btn-primary">Guardar</button>

</div>  

</div>    

     </form>

     <div id="resultado"></div>    

     

     </div>     

     

          </div>

          <?php } //fin si es administrador?>

[joallen]

Use the following:

 

mysql_real_escape_string($yourvariablehere).

 

You have to tell apache to ignore any characters and simply accept the variable as a string. Also ensure the fields in your database are set up correctly. A field containing large amounts of text should be set to TEXT or BLOB. Fields with a smaller number of characters can be set to VARCHAR and specify the number of characters allowed...generally 255 max if you aren't 100% sure the length of the values going to be inserted. 255 will at least accommodate urls if you are inserting them to a table.

 

You may also want to specify which fields you are inserting into. See below:

<?php 
 if(isset($_POST['Guardar'])){
 $semana= mysql_real_escape_string($_POST['semana']);
 $video= mysql_real_escape_string($_POST['video']);
 $archivo= mysql_real_escape_string($_POST['archivo']);
 $nombre= mysql_real_escape_string($_POST['nombre']);
 $leccion= mysql_real_escape_string($_POST['leccion']);
 
 //verificar si la semana ya existe 
 $sql = "SELECT * FROM clases WHERE semana='".$semana."'";
 $result = mysql_query($sql)
 $existe = mysql_num_rows($result);
 if($existe==0){
     $sql = "INSERT INTO clases (semana, nombre, archivo, leccion, video) VALUES 
            ('".$semana."','".$nombre."','".$archivo."','".$leccion."','".$video."')";
     mysql_query($sql);
 }
 else{
     $row = mysql_fetch_assoc($result);
     $sql = "UPDATE clases SET nombre="'.$nombre."',archivo='".$archivo."',nombre_leccion='".$leccion."',video='".$video."' WHERE id=".$row['id'] //You should always have a field, in this case named id, which acts as a primary key and auto-number for records.
     mysql_query($sql);
   }
 header("Location: clases.php");
 }
 ?> 

You will notice I use $row['id'] in the Update script. You should always have a column which is an auto-number primary key for your tables. It makes updating data much more efficient. In the event you had the same value in semana on multiple rows in your table, it would update them all. If this was your intent then you can remove my script. I take it your database only contains unique values in the semana column.

 

Cheers!

Edited December 9, 2013 by joallen