melanie74 Posted October 10, 2007 Share Posted October 10, 2007 Hello everyone! I’m new to the board, but I’m hoping that someone can help me with this issue. I have an application written mostly in PHP, but uses HTML forms to collect data from users. The data is stored in a MySQL database. Anywho, the problem occurs if a user enters data such as 15" monitor or 50' cord into the form. In the database the data is displayed correctly. But in the browser it is truncated to either 15 (if single quotes used in input tag) or 50 (if double quotes used in input tag). What can I do so that no matter which type of measurement a user inputs, it will be displayed correctly? The user's input is held in $description. Below is the input code I used <input type = 'text' size = '40' name = 'pdescription' value ='<?php echo $description; ?>'></input> I saw another thread for a user who wanted to display height (ex. 5'11"). Someone responded to use ". This was one of the first things I tried and that does not work. Thanks a bunch! Quote Link to comment Share on other sites More sharing options...
darkfreaks Posted October 10, 2007 Share Posted October 10, 2007 paste the whole code please Quote Link to comment Share on other sites More sharing options...
andrewthorp Posted October 10, 2007 Share Posted October 10, 2007 show us where you set $description Quote Link to comment Share on other sites More sharing options...
melanie74 Posted October 10, 2007 Author Share Posted October 10, 2007 Here's the code. session_start(); include("../../connect.php"); $record_nbr = $_SESSION['record_nbr']; $state_id = $_SESSION['empnbr']; $last_nm = $_SESSION['last_nm']; $first_nm = $_SESSION['first_nm']; $middle_init = $_SESSION['middle_init']; $active = "y"; //Set session for record_nbr passed from previous page because this page can be reloaded for error checking if(isset($_POST['hid'])) { $record_nbr = $_POST['hid']; $_SESSION['record_nbr'] = $record_nbr; } //Query gets record where id matches $sql = "select a.record_nbr, a.category_nbr as catnbr, a.category_item as catitm, a.name, a.description, a.model, a.serial_nbr, a.est_value, a.notes, a.date_assigned, a.date_returned, b.description as catdesc, c.description as itmdesc from property_tracking.assignment a inner join property_tracking.category b on (a.category_nbr = b.category_nbr) inner join property_tracking.category_item c on (a.category_nbr = c.category_nbr and a.category_item = c.item_nbr) where a.record_nbr = '".$record_nbr."'"; $result = mysql_query($sql); $row = mysql_fetch_array($result); extract($row); mysql_select_db("organization"); $sql = "select record_nbr, state_id, last_nm, first_nm, middle_init from employee where employee.active = '".$active."' order by last_nm, first_nm, middle_init"; $empresult = mysql_query($sql); $mistake = $_GET['err']; //error message if necessary ?> <html> <head> <title>Change Assignment</title> <link href="../../style.css" type=text/css rel=stylesheet> <meta http-equiv="Content-Type" content="text/html; charset=iso-8859-1"> <SCRIPT LANGUAGE=JAVASCRIPT> function message() { var answer = confirm("Are you sure you want to Delete this Record?") if (!answer) { return false; } } </SCRIPT> </head> <body text="#000000" leftMargin=18 rightMargin=0 bgcolor=white topMargin=2 bottommargin=0 onload="if(parent.frames.navig && parent.frames.navig.Go)parent.frames.navig.Go()"> <table border=0 cellPadding=0 cellSpacing=5 width="100%" bgcolor=white height="100%"> <tbody> <tr align=center vAlign=top > <td width="100%" border="1" > <p class=hdblubox style = "text-align: center"> Change an Assignment</p></td> </tr> <tr valign = "top"> <td align = "center" class = "pu"><?php echo $mistake; ?></td> </tr> <tr valign = "top" align = "center"> <td> <form method = "post" action = "edit_row_script.php" onSubmit = ""> <table width = "100%" cellspacing = "3" cellpadding = "3" border = "0"> <tr> <td align = "left" class = "psa">Category: <?php echo $catdesc; ?></td> </tr> <tr> <td align = "left" class = "psa">Property Type: <?php echo $itmdesc; ?></td> </tr> <tr> <td align = "right" class = "ps">Assigned To:</td> <td align = "left" ><select name = "assignedto"><option value = " "><?php echo $last_nm . ', ' . $first_nm . ' ' . $middle_init . ' - ' . $state_id; ?></option><?php while($row3 = mysql_fetch_array($empresult)){ extract($row3); ?> <option value = "<?php echo $state_id; ?>"<?php if($_POST['assignedto'] == $state_id){ echo "SELECTED"; $_SESSION['state_id'] = $_POST['assignedto']; } ?> ><?php echo $last_nm . ', ' . $first_nm . ' ' . $middle_init . ' - ' . $state_id;?> </option> <?php } ?> </select></td> </tr> <tr> <td align = 'right' class = 'ps'>Property Name:</td> <td align = 'left'><input type = 'text' size = '30' name = 'pname' value ='<?php echo $name; ?>'></input></td> </tr> <tr> <td align = 'right' class = 'ps'>Property Description:</td> <td align = 'left'><input type = 'text' size = '40' name = 'pdescription' value ='<?php echo $description; ?>'></input></td> </tr> <tr> <td align = 'right' class = "ps">Property Model:</td> <td align = 'left'><input type = 'text' size = '20' name = 'pmodel' value ='<?php echo $model; ?>'></input></td> </tr> <tr> <td align = 'right' class = 'ps'>Property Value (0.00): $</td> <td align = 'left'><input type = 'text' size = '10' name = 'pvalue' value ='<?php echo number_format($est_value,2); ?>'></input></td> </tr> <tr> <td align = 'right' class = 'ps'>Serial Number:</td> <td align = 'left'><input type = 'text' size = '15' name = 'pserial' value ='<?php echo $serial_nbr; ?>'></input></td> </tr> <tr> <td align = 'right' class = 'ps'>Notes:</td> <td align = 'left'><input type = 'text' size = '80' name = 'pnotes' value ='<?php echo $notes; ?>'></input></td> </tr> <tr> <td align = 'right' class = 'ps'>Date Assigned (mm/dd/yyyy):</td> <td align = 'left'><input type = 'text' size = '10' name = 'pdateassigned' value ='<?php echo $date_assigned; ?>'></input></td> </tr> <tr> <td align = 'right' class = 'ps'>Date Returned (mm/dd/yyyy):</td> <td align = 'left'><input type = 'text' size = '10' name = 'pdatereturned' value ='<?php echo $date_returned; ?>'></input></td> </tr> </table> <br> <table width = "75%" align = "center"> <tr bgcolor ="white"> <th><hr width = "100%" color = "#003399"></th> </tr> <tr bgcolor = ""> <th align = 'center'><input type = 'submit' value = 'Cancel' name = 'cancel' style = 'COLOR: #003399'> </input> <input type = 'submit' value = 'Update Assignment' style = 'COLOR: #003399' name = 'update'></input> </form><form method = "post" action = "edit_row_script.php" onsubmit = "return message()"><input type = 'submit' value = 'Delete Assignment' style = 'COLOR: #003399' name = 'delete'></input></form></th> </tr> </table> </td> </tr> </td> </tr> </tbody> </table> </td> </tr> </table> </body> </html> Quote Link to comment Share on other sites More sharing options...
andrewthorp Posted October 10, 2007 Share Posted October 10, 2007 is anything showing up in that field, or is that field blank? when you load the page Quote Link to comment Share on other sites More sharing options...
darkfreaks Posted October 10, 2007 Share Posted October 10, 2007 where is $description defined? Quote Link to comment Share on other sites More sharing options...
marcus Posted October 10, 2007 Share Posted October 10, 2007 where is $description defined It technically isn't. But person who made this topic [-too lazy to scroll up-] Just do: $row = mysql_fetch_array($result); //get rid of the extract $description = $row['description']; // why? cause i said so ;p Quote Link to comment Share on other sites More sharing options...
melanie74 Posted October 10, 2007 Author Share Posted October 10, 2007 The contents of $description when echoed displays correctly. It's just when it's in the form that it truncates the quote mark after the number. It appears that $description is defined in another script that only shows the database contents which are the same as the echo. Quote Link to comment Share on other sites More sharing options...
darkfreaks Posted October 10, 2007 Share Posted October 10, 2007 so find that file and tellus what $description is defined as? Quote Link to comment Share on other sites More sharing options...
melanie74 Posted October 10, 2007 Author Share Posted October 10, 2007 $description is from the database. It gets it's data from row['pdescription'] from another script. The contents of $description are 15" monitor and this is what it shows in the database and when I tested an echo statement after the query. The problem is just in how that information is displayed in the form....it gets truncated down to 15 instead of saying 15" monitor. Quote Link to comment Share on other sites More sharing options...
melanie74 Posted October 10, 2007 Author Share Posted October 10, 2007 where is $description defined It technically isn't. But person who made this topic [-too lazy to scroll up-] Just do: $row = mysql_fetch_array($result); //get rid of the extract $description = $row['description']; // why? cause i said so ;p Not sure if I'm understanding where you want me to put this code. In the part where $description is or up where the query is. Quote Link to comment Share on other sites More sharing options...
darkfreaks Posted October 10, 2007 Share Posted October 10, 2007 so its $description= $_POST['pdescription']; ??? Quote Link to comment Share on other sites More sharing options...
marcus Posted October 10, 2007 Share Posted October 10, 2007 Lol. Darkfreaks. extract($row); Gives variables the action of it being apart of the $row array. Quote Link to comment Share on other sites More sharing options...
darkfreaks Posted October 10, 2007 Share Posted October 10, 2007 try using <?php $description= PDO->quote($description); /// adds quotes to a string in a mysql query ?> Quote Link to comment Share on other sites More sharing options...
melanie74 Posted October 10, 2007 Author Share Posted October 10, 2007 try using <?php $description= PDO->quote($description); /// adds quotes to a string in a mysql query ?> I tried this code, but everything disappeared. Quote Link to comment Share on other sites More sharing options...
marcus Posted October 10, 2007 Share Posted October 10, 2007 owned. Try using my code in replace of where you have the extraction. Quote Link to comment Share on other sites More sharing options...
darkfreaks Posted October 10, 2007 Share Posted October 10, 2007 http://www.phpbuilder.com/manual/en/function.pdo-quote.php read up on it Quote Link to comment Share on other sites More sharing options...
marcus Posted October 10, 2007 Share Posted October 10, 2007 PDO is 5.1 + Unix only. They might not have that. Quote Link to comment Share on other sites More sharing options...
roopurt18 Posted October 10, 2007 Share Posted October 10, 2007 If I understand this correctly, the data is stored correctly in the database. You are also able to correctly pull the table from the database and echo it to the screen with PHP and the data is what it should be. It sounds to me like you're wanting to use this data to set the default value of a form? Let's say the value in your variable is 15" monitor If you were to do this: echo "<input type=\"text\" value=\"{$variable}\" />"; The HTML would become: <input type="text" value="15" monitor" /> Are you sure that's not happening here? Quote Link to comment Share on other sites More sharing options...
Aureole Posted October 10, 2007 Share Posted October 10, 2007 I haven't really read the topic but use addslashes before you add it and stripslashes before you display it, wait no in fact... wouldn't you need to convert it to it's html entitiy couonterpart... " or whatever... Quote Link to comment Share on other sites More sharing options...
kenrbnsn Posted October 10, 2007 Share Posted October 10, 2007 You need to use the function htmlentites() with the ENT_QUOTES options. Example: <?php $inches = '15"'; $feet = "5'"; echo '<input type="text" name="feet" value="' . htmlentities($feet,ENT_QUOTES) . '"><br>'; echo '<input type="text" name="inches" value="' . htmlentities($inches,ENT_QUOTES) . '"><br>'; ?> Ken Quote Link to comment Share on other sites More sharing options...
melanie74 Posted October 11, 2007 Author Share Posted October 11, 2007 If I understand this correctly, the data is stored correctly in the database. You are also able to correctly pull the table from the database and echo it to the screen with PHP and the data is what it should be. It sounds to me like you're wanting to use this data to set the default value of a form? Let's say the value in your variable is 15" monitor If you were to do this: echo "<input type=\"text\" value=\"{$variable}\" />"; The HTML would become: <input type="text" value="15" monitor" /> Are you sure that's not happening here? It's not happening. If I do an echo to see what the contents of $description is (outside of the form), it display 15" monitor. If I try to display the contents of $description in the input field, it only shows 15. I have also tried the htmlentities() function, but that only displayed 15 as well. Quote Link to comment Share on other sites More sharing options...
darkfreaks Posted October 11, 2007 Share Posted October 11, 2007 try using html_entity_decode () instead of html entities . this will escape all double quotes this function will include doubles and will leave out single quotes. like people have said above you still need ENT_QUOTES in this function. Quote Link to comment Share on other sites More sharing options...
kenrbnsn Posted October 11, 2007 Share Posted October 11, 2007 I just ran a test using the following code and the values displayed fine. Please post the code that didn't work. <!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01//EN" "http://www.w3.org/TR/html4/strict.dtd"> <html> <head> <title>Testing Feet & Inches</title> </head> <body> <form action="<?php echo $_SERVER['PHP_SELF']?>" method="post"> <?php $inches = '15"'; $feet = "5'"; echo '<input type="text" name="feet" value="' . htmlentities($feet,ENT_QUOTES) . '"><br>'; echo '<input type="text" name="inches" value="' . htmlentities($inches,ENT_QUOTES) . '"><br>'; ?> <input type="submit" name="submit" value="Test It"> </form> <?php if (isset($_POST['submit'])) echo '<pre>' . print_r(array_map("stripslashes",$_POST),true) . '</pre>'; ?> </body> </html> Ken Quote Link to comment Share on other sites More sharing options...
Recommended Posts
Join the conversation
You can post now and register later. If you have an account, sign in now to post with your account.