Unoffical empeg BBS

Quick Links: Empeg FAQ | RioCar.Org | Hijack | BigDisk Builder | jEmplode | emphatic
Repairs: Repairs

Topic Options
#144829 - 21/02/2003 00:36 PHP Help needed again
Dignan
carpal tunnel

Registered: 08/03/2000
Posts: 12338
Loc: Sterling, VA
Okay, so I've been using the code that I learned from you good people in the last thread I posted on the subject. However, there was a part of it that never worked correctly.

To refresh, I needed a simple journal type tool for my site. With your help, I created a form that, when filled out, would update the database, and another script that would display the contents of that database. There was just one problem with the first part.

Here is the code for the form:
<form action="input.php" method="POST">

<h2>Title:</h2> <input type="text" name="title" /><br><br>
<h2>Entry text:</h2> <textarea rows="10" cols="30" name="body"></textarea><br>
<input type="submit" value="Submit">
</form>

And here is the code for the script that processes the data from the form:
<?php 

mysql_connect ("localhost", "weblog", "allowat");
mysql_select_db("weblog");

$blogtime= time();

mysql_query("INSERT INTO article (`timestamp`, `title`, `body`)

values ('$blogtime', '$title', '$body')");?>

The problem is this: whenever a single quote is entered into either field and the form is submitted, the whole thing breaks/quits. Nothing is entered into the database, and the script exits normally (apparently).

David was helping me with this before, and he suggested using this to convert characters to HTML entities:
example:
$body=htmlentities($body);

Unfortunately, that didn't work.

Any ideas?
_________________________
Matt

Top
#144830 - 21/02/2003 00:52 Re: PHP Help needed again [Re: Dignan]
David
addict

Registered: 05/05/2000
Posts: 623
Loc: Cambridge
Strange. Single quotes should be escaped with backslashes automatically. Try adding

$body=addslashes($body);

Top
#144831 - 21/02/2003 00:56 Re: PHP Help needed again [Re: Dignan]
ricin
veteran

Registered: 19/06/2000
Posts: 1495
Loc: US: CA
You should send it through mysql_escape_string() first.

Take a look at urlencode() and str_replace() if you want to also handle spaces, carriage returns, line feeds, etc differently. Depends on exactly what you want the code to handle, and what you want done with it.
_________________________
Donato
MkII/080000565
MkIIa/010101253
ricin.us

Top
#144832 - 21/02/2003 01:58 Re: PHP Help needed again [Re: David]
Dignan
carpal tunnel

Registered: 08/03/2000
Posts: 12338
Loc: Sterling, VA
That code worked. Thanks
_________________________
Matt

Top
#144833 - 21/02/2003 02:09 Re: PHP Help needed again [Re: ricin]
Dignan
carpal tunnel

Registered: 08/03/2000
Posts: 12338
Loc: Sterling, VA
I'll have to take a close look at those commands. That sounds like something I do want to do. I've been fine on my own site with writing HTML entities for my posts, even to the extent of using &#39; every time I wanted to use a single quote (darn contractions). Now I'm going to be using the code on other sites now, and I want to make it a little more idiot-proof (or as much as can be expected).

Thanks.

ps- in str_replace(), how do you indicate a carriage return as the subject? I'd like to replace carriage returns with line breaks, and I can figure out all the variables but that one. Actually, I'm not sure how to indicate any of those examples you mentioned in your post about the function.


Edited by DiGNAN17 (21/02/2003 02:14)
_________________________
Matt

Top
#144834 - 21/02/2003 06:18 Re: PHP Help needed again [Re: Dignan]
David
addict

Registered: 05/05/2000
Posts: 623
Loc: Cambridge
For making newlines passed from forms into HTML BR tags, use nl2br().
The newline character is \n, carriage return is \r.

Top
#144835 - 21/02/2003 13:34 Re: PHP Help needed again [Re: David]
Dignan
carpal tunnel

Registered: 08/03/2000
Posts: 12338
Loc: Sterling, VA
I'm curious, what is the difference between new lines and carraige returns?
_________________________
Matt

Top
#144836 - 21/02/2003 14:32 Re: PHP Help needed again [Re: Dignan]
wfaulk
carpal tunnel

Registered: 25/12/2000
Posts: 16706
Loc: Raleigh, NC US
They are two different control characters. Newline, sometimes called Linefeed, is Ctrl-J and Carriage Return is Ctrl-M. In DOS/Windows, text file lines are terminated with a CR/LF combo. In Unix, they're ended with a LF, and in MacOS 9 and prior, they're ended with a CR. Other OSes, I'm sure have similar combinations.

This all harkens back to the day when computers were controlled via teletypes, which were essentially automated typewriters. A carriage return caused the carriage (they part that printed the characters) to return to the left of the page. A line feed caused the paper to be forwarded one line. So to start a new line, you had to both feed the paper and get the carriage to return.

You can still see vestiges of this in printers. Those printers that accept plain text files for printing expect to see both a carriage return and a line feed. This crops up often in Unix printing, as if you forget to convert your text files before printing, you get what's called the ``stairstep effect'', wherein one line is printed, a linefeed is sent without a carriage return, and the next line starts printing where the first line ended, except on line down, so it looks like:
This is the first line

This is the second line
And the third
_________________________
Bitt Faulk

Top
#144837 - 21/02/2003 14:39 Re: PHP Help needed again [Re: wfaulk]
tonyc
carpal tunnel

Registered: 27/06/1999
Posts: 7058
Loc: Pittsburgh, PA
you get what's called the ``stairstep effect'', wherein one line is printed, a linefeed is sent without a carriage return

Is there a cool name for when things are printed with a CR but no LF? If not, I would like to suggest "the yucky unreadable blob of text effect."
_________________________
- Tony C
my empeg stuff

Top
#144838 - 21/02/2003 15:50 Re: PHP Help needed again [Re: wfaulk]
Dignan
carpal tunnel

Registered: 08/03/2000
Posts: 12338
Loc: Sterling, VA
So let's see if I get this right. I type this into the form:

In reply to:

They are two different control characters. Newline, sometimes called Linefeed, is Ctrl-J and Carriage Return is Ctrl-M. In DOS/Windows, text file lines are terminated with a CR/LF combo. In Unix, they're ended with a LF, and in MacOS 9 and prior, they're ended with a CR. Other OSes, I'm sure have similar combinations.

This all harkens back to the day when computers were controlled via teletypes, which were essentially automated typewriters.




Do I need to worry about carraige returns? Can I just use nl2br?

*edit*
Problem: for every <br> the code enters, for some reason it is being printed on the page as two. So if I type something and press return twice, when it prints on the page after being called from the database, it prints 4 new lines!
*edit*


One more string replacement question: is there a way to go through the string and replace links with working links? for example, if someone types in "www.yaho.com", it will store <a href="http://www.yahoo.com">www.yahoo.com</a>


Edited by DiGNAN17 (21/02/2003 16:05)
_________________________
Matt

Top
#144839 - 21/02/2003 18:20 Re: PHP Help needed again [Re: Dignan]
David
addict

Registered: 05/05/2000
Posts: 623
Loc: Cambridge
You need a regular expression to do that.

For URLs
ereg_replace("[[:alpha:]]+://[^<>[:space:]]+[[:alnum:]/]", "<a href=\"\\0\">\\0</a>", $text);

For email
ereg_replace("[^<>()[:space:]]+[[:alnum:]]+@[^<>[:space:]]+[[:alnum:]]", "<a href=\"mailto:\\0\">\\0</a>", $text);

The URL one needs a fully qualified string with http:// or ftp:// at the start. You can modify it to remove that requirement though.

Top
#144840 - 22/02/2003 01:12 Re: PHP Help needed again [Re: David]
Dignan
carpal tunnel

Registered: 08/03/2000
Posts: 12338
Loc: Sterling, VA
Thanks! I'll test around with that.

By the way, the problem I had with the line breaks before was due to stupid errors on my part. I didn't realize that the script that printed the results on the page had an nl2br() inside it. Consequently, I was getting 4 to 8 <br>'s in the result.

This raises a question for me. Is it better to run the text through these things before or after it is stored in the database??
_________________________
Matt

Top
#144841 - 22/02/2003 03:00 Re: PHP Help needed again [Re: Dignan]
David
addict

Registered: 05/05/2000
Posts: 623
Loc: Cambridge
I prefer to put that kind of thing in the display code, so that the database stores what you typed in and if you need to change something (like you noticed a bug in your regular expression code) then you can change it in one place and it affects everything.

It also keeps HTML out of the text in the databasee, should you need to go in and edit it later.

Top