jonoc33 Posted December 23, 2007 Share Posted December 23, 2007 Hey guys, This script is a code that adds a tactic into the database from a form on the previous page (that has fckeditor). It all works fine, but when you add images to the FCKeditor and submit them to the database, the img src="HTTP:// stuffs up the query. How would I go about fixing this? And yes, I have tried mysql_real_escape_string, that does not work. <?php include("../include/constants.php"); $db_host = DB_SERVER; $db_pass = DB_PASS; $db_user = DB_USER; $db_table = DB_NAME; include("../include/header.php"); if(mysql_connect($db_host,$db_user,$db_pass)) { if(mysql_select_db($db_table)) { $tactic_name = mysql_real_escape_string($_POST['tacticname']); $tactic_map = mysql_real_escape_string($_POST["map"]); $tactic = mysql_real_escape_string($_POST['tactics']); if(mysql_query("INSERT INTO ".TBL_TACTICS." (tacticname, map, tactics) VALUES ('".$tactic_name."','".$tactic_map."','".$tactic."')")) { print '<center>Record added. <br /><a href=admin.php>Back</a> </center>'; } else { print mysql_error(); } } else { print mysql_error(); } } else { print mysql_error(); } ?> Link to comment https://forums.phpfreaks.com/topic/82976-mysql-query-problem/ Share on other sites More sharing options...
papaface Posted December 23, 2007 Share Posted December 23, 2007 Where is it being inserted in the code? Which variable. Link to comment https://forums.phpfreaks.com/topic/82976-mysql-query-problem/#findComment-422011 Share on other sites More sharing options...
jonoc33 Posted December 23, 2007 Author Share Posted December 23, 2007 if(mysql_query("INSERT INTO ".TBL_TACTICS." (tacticname, map, tactics) VALUES ('".$tactic_name."','".$tactic_map."','".$tactics."')")) { print '<center>Record added. <br /><a href=admin.php>Back</a> </center>'; It actually doesn't stuff up the query, the query works fine. But the thing that doesn't work is this: I have a hidden textbox right that has all of the tactics from the database, when you hit an Edit button, it takes the POST data and you're able to edit it in a FCKeditor, although the image does not show up, and if you go into the source code, the image link disappears but the img src="" stays there. Link to comment https://forums.phpfreaks.com/topic/82976-mysql-query-problem/#findComment-422012 Share on other sites More sharing options...
papaface Posted December 23, 2007 Share Posted December 23, 2007 What exactly is being inserted, and which variable is it. Link to comment https://forums.phpfreaks.com/topic/82976-mysql-query-problem/#findComment-422014 Share on other sites More sharing options...
jonoc33 Posted December 23, 2007 Author Share Posted December 23, 2007 In the FCKeditor it has this: <img src="http://clan.revolutiongamerz.net/alpha/images/files/upload/cs_compound.jpg" alt="" /> Link to comment https://forums.phpfreaks.com/topic/82976-mysql-query-problem/#findComment-422016 Share on other sites More sharing options...
papaface Posted December 23, 2007 Share Posted December 23, 2007 Try escaping the quotes <img src=\"http://clan.revolutiongamerz.net/alpha/images/files/upload/cs_compound.jpg\" alt=\"\" /> Link to comment https://forums.phpfreaks.com/topic/82976-mysql-query-problem/#findComment-422018 Share on other sites More sharing options...
jonoc33 Posted December 23, 2007 Author Share Posted December 23, 2007 It does that automatically using mysql_real_escape_string, and it still does not output properly. If I do it manually and hit submit it just changes the http link to several slashes. Link to comment https://forums.phpfreaks.com/topic/82976-mysql-query-problem/#findComment-422026 Share on other sites More sharing options...
papaface Posted December 23, 2007 Share Posted December 23, 2007 I have no idea what your problem is. Maybe you should try posting an error or some erroneous code or something... Link to comment https://forums.phpfreaks.com/topic/82976-mysql-query-problem/#findComment-422029 Share on other sites More sharing options...
trq Posted December 23, 2007 Share Posted December 23, 2007 Replace.... if(mysql_query("INSERT INTO ".TBL_TACTICS." (tacticname, map, tactics) VALUES ('".$tactic_name."','".$tactic_map."','".$tactic."')")) { with $sql = "INSERT INTO ".TBL_TACTICS." (tacticname, map, tactics) VALUES ('".$tactic_name."','".$tactic_map."','".$tactic."')"; die($sql); if (mysql_query($sql)) { and show us the output. Link to comment https://forums.phpfreaks.com/topic/82976-mysql-query-problem/#findComment-422033 Share on other sites More sharing options...
jonoc33 Posted December 23, 2007 Author Share Posted December 23, 2007 INSERT INTO alpha_tactics (tacticname, map, tactics) VALUES ('dsfsd','dfssf',' \\\"\\\" ') The last bit (\\\"\\\") was <img src="http://clan.revolutiongamerz.net/alpha/images/cs_compound.jpg" alt="" /> Link to comment https://forums.phpfreaks.com/topic/82976-mysql-query-problem/#findComment-422037 Share on other sites More sharing options...
trq Posted December 24, 2007 Share Posted December 24, 2007 Post the output within [ code ] [ / code ] tags so we can actually see it. Link to comment https://forums.phpfreaks.com/topic/82976-mysql-query-problem/#findComment-422047 Share on other sites More sharing options...
jonoc33 Posted December 24, 2007 Author Share Posted December 24, 2007 Edited. Heres a bit more info for you guys: print "<td nowrap><form name=\"form2\" method=\"post\" action=\"action.php?do=tacticedit1\">"; print "<input type=\"submit\" name=\"button\" id=\"button\" value=\"Edit\">"; print "<input name=\"tacticname\" type=\"hidden\" id=\"tacticname\" value=\"".$values['tacticname']."\">"; print "<input name=\"map\" type=\"hidden\" id=\"map\" value=\"".$values['map']."\">"; print "<input name=\"tactics\" type=\"hidden\" id=\"tactics\" value=\"".mysql_real_escape_string($values['tactics'])."\">"; print "</form></td></tr></table>"; There is what displays the edit button for the tactic. Notice the last input how it is a hidden tactics text box. The output is the Edit button, then next to it it, strangely enough, it has ">. I believe this is to do with the last bit of img html, being />. This interferes with the PHP "\">"; at the end of the print. Link to comment https://forums.phpfreaks.com/topic/82976-mysql-query-problem/#findComment-422051 Share on other sites More sharing options...
jonoc33 Posted December 24, 2007 Author Share Posted December 24, 2007 Dont worry about it guys - probably a bit too complex, you have to see it first hand to know what i'm talking about. Link to comment https://forums.phpfreaks.com/topic/82976-mysql-query-problem/#findComment-422068 Share on other sites More sharing options...
Recommended Posts
Archived
This topic is now archived and is closed to further replies.