knight47 Posted January 21, 2007 Share Posted January 21, 2007 I don't really understand what this means, the code's working fine, but it just outputs this error.[URL=http://"www.knight47.com/link_sharer"]test it out here[/URL][code=php:0]$raw_url = $_POST['url'];$disc = $_POST['disc'];$clean_url = htmlspecialchars("$raw_url", ENT_QUOTE); // cleans out the url field, to make sure no malaciose code gets through$clean_disc = htmlspecialchars("$disc", ENT_QUOTES); // cleans out the description field, to make sure no malaciose code gets through[/code]am I not supposed to use variables in htmlspecialchars() ?thanks. Link to comment https://forums.phpfreaks.com/topic/35117-htmlspecialschars-error/ Share on other sites More sharing options...
Jessica Posted January 21, 2007 Share Posted January 21, 2007 You didn't post an error. Link to comment https://forums.phpfreaks.com/topic/35117-htmlspecialschars-error/#findComment-165746 Share on other sites More sharing options...
knight47 Posted January 21, 2007 Author Share Posted January 21, 2007 [quote author=jesirose link=topic=123394.msg509913#msg509913 date=1169405490]You didn't post an error. [/quote] :D sorry![quote]htmlspecialschars() expects parameter 2 to be long, string given in line 5[/quote]line 5 is the first htmlspecialchars() Link to comment https://forums.phpfreaks.com/topic/35117-htmlspecialschars-error/#findComment-165750 Share on other sites More sharing options...
Jessica Posted January 21, 2007 Share Posted January 21, 2007 Well for one, you don't need to surround your vars in "".Try $clean_url = htmlspecialchars($raw_url, ENT_QUOTES);I think you need to add the S on the end of ENT_QUOTE in the first one? Link to comment https://forums.phpfreaks.com/topic/35117-htmlspecialschars-error/#findComment-165754 Share on other sites More sharing options...
knight47 Posted January 21, 2007 Author Share Posted January 21, 2007 [quote author=jesirose link=topic=123394.msg509921#msg509921 date=1169406212]Well for one, you don't need to surround your vars in "".Try $clean_url = htmlspecialchars($raw_url, ENT_QUOTES);I think you need to add the S on the end of ENT_QUOTE in the first one?[/quote]I completely removed the , ENT_QUOTES part from both variables, as well as the "s and it seemed to work perfectly. Do you think I should keep that part (, ENT_QUOTES)? or does it not matter? what does it do anyways.thanks jesirose Link to comment https://forums.phpfreaks.com/topic/35117-htmlspecialschars-error/#findComment-165755 Share on other sites More sharing options...
Jessica Posted January 21, 2007 Share Posted January 21, 2007 Well if you look it up in the manual it says the default is ENT_COMPACT. If you look here: http://us2.php.net/manual/en/function.htmlentities.phpIt tells you what each of the options does. Those are the same ones for specialchars.I think htmlentities might be what you want to use instead. Link to comment https://forums.phpfreaks.com/topic/35117-htmlspecialschars-error/#findComment-165756 Share on other sites More sharing options...
knight47 Posted January 21, 2007 Author Share Posted January 21, 2007 [quote author=jesirose link=topic=123394.msg509923#msg509923 date=1169406624]Well if you look it up in the manual it says the default is ENT_COMPACT. If you look here: http://us2.php.net/manual/en/function.htmlentities.phpIt tells you what each of the options does. Those are the same ones for specialchars.I think htmlentities might be what you want to use instead.[/quote]ok i've switched to [code=php:0]htmlentities($var, ENT_NOQUOTES)[/code], but it's still converting single, and double quotes, shouden't it leave them alone? Link to comment https://forums.phpfreaks.com/topic/35117-htmlspecialschars-error/#findComment-165758 Share on other sites More sharing options...
Jessica Posted January 21, 2007 Share Posted January 21, 2007 That's what it says. Can you post what you're sending it and what it puts out? (haha puts out. No seriously.) Link to comment https://forums.phpfreaks.com/topic/35117-htmlspecialschars-error/#findComment-165781 Share on other sites More sharing options...
knight47 Posted January 21, 2007 Author Share Posted January 21, 2007 [quote author=jesirose link=topic=123394.msg509948#msg509948 date=1169411510]That's what it says. Can you post what you're sending it and what it puts out? (haha puts out. No seriously.)[/quote]I'm sending in 2 fields, a URL, and a description ([url=http://www.knight47.com/link_sharer]link[/url])The code is:[code=php:0]$raw_url = $_POST['url'];$disc = $_POST['disc'];$clean_url = htmlentities($raw_url, ENT_NOQUOTES); // cleans out the url field, to make sure no malaciose code gets through$clean_disc = htmlentities($disc, ENT_NOQUOTES); // cleans out the description field, to make sure no malaciose code gets through$url = "<center><FONT FACE=\"sans-serif, Arial, Helvetica, Geneva\" SIZE=\"6\"><a href=\"$clean_url\" target=\"_blank\">$raw_url</a></FONT><br /><br /><FONT FACE=\"sans-serif, Arial, Helvetica, Geneva\" SIZE=\"4\"><b>Link Description:</b></FONT><br /><FONT FACE=\"sans-serif, Arial, Helvetica, Geneva\">$clean_disc</FONT></center>";$no_disc = "<center><FONT FACE=\"sans-serif, Arial, Helvetica, Geneva\" SIZE=\"6\"><a href=\"$clean_url\" target=\"_blank\">$raw_url</a></FONT>";[/code] (that's just a snippet of it) Link to comment https://forums.phpfreaks.com/topic/35117-htmlspecialschars-error/#findComment-165821 Share on other sites More sharing options...
Jessica Posted January 21, 2007 Share Posted January 21, 2007 It looks like it's working fine to me, I tested it on your site and it worked. PS: Malicious, not maliciose. Link to comment https://forums.phpfreaks.com/topic/35117-htmlspecialschars-error/#findComment-165834 Share on other sites More sharing options...
knight47 Posted January 21, 2007 Author Share Posted January 21, 2007 [quote author=jesirose link=topic=123394.msg510001#msg510001 date=1169416563]It looks like it's working fine to me, I tested it on your site and it worked. PS: Malicious, not maliciose. [/quote]yea it's working fine, but it's converting " into \" and ' into \"and I'm a bad speller, thanks :) Link to comment https://forums.phpfreaks.com/topic/35117-htmlspecialschars-error/#findComment-165851 Share on other sites More sharing options...
Jessica Posted January 21, 2007 Share Posted January 21, 2007 oh that's because you probably have magic_quotes_gpc turned on. Run stripslashes() on the variables before outputting them. Link to comment https://forums.phpfreaks.com/topic/35117-htmlspecialschars-error/#findComment-165857 Share on other sites More sharing options...
knight47 Posted January 21, 2007 Author Share Posted January 21, 2007 [quote author=jesirose link=topic=123394.msg510024#msg510024 date=1169418383]oh that's because you probably have magic_quotes_gpc turned on. Run stripslashes() on the variables before outputting them.[/quote]Yay! stripslashes() did it, thank you very much jesirose, I really appreciate it. :) Link to comment https://forums.phpfreaks.com/topic/35117-htmlspecialschars-error/#findComment-165915 Share on other sites More sharing options...
Recommended Posts
Archived
This topic is now archived and is closed to further replies.