PHP - How To Receive Messages With Double Quotes In Place
I have created a simple form that collects a comment or question from a visitor to my website.
The problem is that if the visitor types: Your site looks Ok. I will get that message. But if the type: Your site needs "Work". I will get: Your site needs The script will not send the double quotes or anything after the double quotes What am I missing??? I have tried: addslashes() str_replace() preg_replace() with on change to the message. This is the script Code: [Select] <?php $recipient = $_POST['recipient']; $subject = $_POST['subject']; $first_name = $_POST['first_name']; $last_name = $_POST['last_name']; $senders_email_address = $_POST['senders_email_address']; $comments = $_POST['comments']; $mailheaders .= "To: Thin Dime Web. <$recipient>\n"; $mailheaders .= "From: $first_name $last_name <$senders_email_address>\n"; $body .= "Subject: $subject\n\n"; $body .= "Senders Name: $first_name $last_name\n"; $body .= "E-mail Address: $senders_email_address\n\n"; $body .= "The following Comments or Question came from a visitor to your website\n"; $body .= "\n"; $body .= "$comments\n"; mail("$recipient", "$subject", "$body", "$mailheaders"); ?> Similar TutorialsThis code only works in firefox <a onMouseout='hidetooltip()' onMouseover='tooltip(\"<img src=img/heroes/$hero.gif\")' href='hero.php?hero=$hero'>Text</a> Btw, I use this in echo (php). How to get quotes (triple) on <img src= ? I also have tried <img src='img/heroes/$hero.gif' But only works on FireFox Hello everyone! This is my first post. I am very new to php and mysql and coding in general. It has not been made 100% clear to me as to when I should use single quotes, double quotes, and {}. From what I gather you use single quotes for literal interpretation... so if you put something like a variable in single quotes and echoed it, it would literally echo it as it is written and not the value of the variable. in double quotes, I gather that it will echo the value of the variable. as for {} I am unclear as to when to use the curly brackets for a variable. I am assuming if you had a statement in single quotes and you put a variable in curly brackets you would get the value of the variable?
Edited by LazerOrca, 25 November 2014 - 11:20 PM. I don't think I've asked this before have I?? can someone give me an internet KB that gives me all scenarios that warrant using singles or doubles? as in, wrapping values, variables, and why I need to do either, and when, etc, etc....? thanks Edited March 29 by ajetrumpetA problem has arisen which puzzles me. I have forms which save data to MySql and retrieve it, showing it as the default data in the form. Naturally I escape any quotes before sending it to the database and remove the slashes when I retrieve it. But the form HTML code shows the data like this value="$variable" which is fine when only single quotes are used in the data but causes a problem when the user uses double quotes. So data of John \"Jack\" Smith would be output as value="John "Jack" Smith" with obvious problems. If I use value='...' then that would cause problems with single quotes. I haven't seen the answer in any of my books. The only things I can think of is changing all double quotes to single before saving to DB or converting them with htmlspecialcharacters so they are no longer actual quotes. I am wondering since in php when you write string in " " quotes php will look if there is any variable and if it is it will read that variable and replace variable name with that value inside the string. However when i use ' ' quotes php will not look for any variables inside that string. So my question is when you write a really big application is it good to always use ' ' quotes when you can instead of " " ones. Does that have an impact on performance. Thanks I'm designing a website that takes user input from in a <textarea></textarea> and enters the input into a database. Everything works besides if the user has double quotes (") in his/her message. (the name of the table that I want to add to is alluserposts) What i have so far is the following: from index.php: <form action="insert2.php" method="post"><textarea name="user_post" rows="6" cols="35"></textarea></form> from insert2.php: mysql_query("INSERT INTO alluserposts (post_value) VALUES(" . "\"" . $_POST['user_post'] . "\")" ,$db) or die(mysql_error($db)); I want the user to be able to input any character. How can i do that? same(this.getParams['vb'], ab.fill(), 'vb test');Expected: false Result: "false" Diff: false "false" Please tell me how to fix this problem. for print html : What's Better, Faster and Optimized ?!? Code: [Select] echo "<tr height=\"22\"> <form action = \"{$URL}/admin/edit.php\" method=\"POST\"> <input type=\"hidden\" name=\"login\"> <td width=\"15%\" bgcolor=\"$bgcolor\"> <input type = \"text\" name = \"login\" value=" . $f['login'] . "></td> <td width=\"15%\" bgcolor=\"$bgcolor\"> <input type = \"password\" name = \"password\" value=" . $f['pass'] . "> </td> </form> </tr>"; With PHP Method 2 : ( single ) Code: [Select] echo ' <tr><form action = "' . URL . '/admin/editadmins.php" method="POST"> '; echo ' <td align="left" valign="top"><input type = "text" name = "login" value = "' . $f['login'] . '"></td>'; echo ' <td align="left" valign="top"><input type = "password" name = "password" value = "' . $f['pass'] . '"></td></form></tr>'; Method 3 : (With Html And Php echo ) Code: [Select] <tr height="22"> <form action = "../admin/editadmins.php" method="POST"> <td align="left" valign="top"><input type = "text" name = "login" value = "<?PHP echo $f['login']; ?>"></td> <td align="left" valign="top"><input type = "text" name = "password" value = "<?PHP echo $f['pass']; ?>"></td> </form> <tr> Thanks. Is there a difference between a single quote regex and and double quote regex ?
for example :
<?php $res1 = preg_match('/shi*t/', $comment); $res2 = preg_match("/shi*t/", $comment); ?>Thank you Edited by Dareros, 17 September 2014 - 07:07 PM. Hi all I have a field in mySQL table called dimensions. It has the double quote in in for inches - " When I echo the result from the mySQL query on the item page (Customer facing) it's fine. However, I have built a form so that the administrator can edit the dimensions in the admin panel and when I echo it out in to the form field it stops when it gets to the double quotes? Pete When I add a ' or " quotes in a textarea I get a sql error when it tries to insert the record.
I was told to use mysqli_real_escape_string but that didn't work.
Here's my code -
$blog= mysqli_real_escape_string($con, $_POST['blog']); $blog= $_POST['message']; $sql = "SELECT * FROM table WHERE `message` = '{$message}'"; $result = mysql_query($sql); if ( mysql_num_rows ( $result ) > 0 ) { $error = "Message Exists."; } else { $error = "This message does not exist. Insert it!!!"; $sql="INSERT INTO table (message) VALUES ('$_POST[message])"; } if (!mysqli_query($con,$sql)) { die('Error: ' . mysqli_error($con)); } mysqli_close($con) Edited by barkly, 26 October 2014 - 09:31 PM. I have a navigation list displaying which is a mix of html and php, everything is working fine however now I want to convert this block of code into a function but am having major problems with quotes. The line of code I currently have is $data = $db->query("SELECT * FROM menu")->fetchAll(PDO::FETCH_ASSOC); foreach ($data as $row) { ?> <li><a href="<?php echo $row['url']; ?>" title="<?php echo $row['title']; ?>"><?php echo $row['icon'] . ' ' . $row['header']; ?></a></li> <?php } ?> As I say everything works using the above but now I am trying to echo the full li out and am having major issues with single and double quotes. I currently have echo "<li><a href='#' title='the title'><i class='fas fa-user site-nav--icon'></i> Help</a></li>"; Now I am trying to use the $row['url'], $row['title'], $row['icon'] & $row['header'] as per the top example but I cannot get the combination of quote marks correct, whether to use double, single or a combination. I would be grateful if someone could suggest the correct syntax for the a tag then I can work through the rest. Thanks Quotation marks are confusing me.
What do you guys use when it comes to quotation marks?
In HTML attributes and throughout the bodies of my web pages, I use the HTML entity ("). For example:
<a href="" title="Read "Article Name""> <p>In his new book, he says: "This is a quote."</p>I thought that this is the best practice. However, today, I read that it's perfectly safe to use straight quotes (") in the body, and that I should use the HTML entity only in HTML attributes. Is that correct? But what if I want to use curly quotes in the body instead of straight quotes? Should I always use the HTML entities for curly quotes (“ and ”), or can I also safely use the characters (“”)? I heard that straight quotes are safe in all browsers, even if you don't specify the character set of your web pages, but that curly quotes are only safe if you specify the character set or if you use the HTML entities. Is that true? And what about the <q> tag? Apparently, it's compatible with all browsers but they treat it differently. Edited by Fluoresce, 30 August 2014 - 07:37 AM. The fancy-looking quotes won't insert into my DB, so I'm trying to convert them to %93 & %94 or normal quotes.
Nothing I've tried works.
Code:
$fancy=" “test” "; $fixed=htmlentities($old, ENT_QUOTES); echo "fancy: $fancy<br>"; echo "fixed: $fixed"; Results: fancy: “test” fixed: I want $fixed to be %93test%94, or even "test" would work. Edited by rwmaho, 18 October 2014 - 01:28 PM. How is it possible, in PHP, to display an error message next to a form input text field if a user is attempting to submit a form with empty fields? Moreover, how is it possible to remove the same error message when the user fills in the input field with the required data and/or refreshes the page? I have 2 files that I am working with: application.php and process.php.
application.php mainly has the HTML of the form. I am very new to learning PHP (I started learning it last week) and I have been searching for hours for a clear answer. I have already tried different methods for generating the error message including: using empty(), !isset, $_POST["name"] = "", etc, and have tried using session_start();, $row, echo, print, and other variables to try and display error message on the page, and I have tried using unset();, and = null, to try and remove the error message once the input field has been filled but all to no avail. Either the method I try only half works, or nothing works, and I cannot pinpoint which is the part that is not working. I only have 2 files to work with, and as an example of what I want to do is:
1. If the first name field is empty when the user clicks submit, an error message should appear next to the input. Is this possible with PHP? An automated API is sending an XML message to a PHP file on my site. How do I deal with this? Hey folks, I made a small shopping cart but I struggle with receiving an email with the orders; thanks in advance this is the mail.php <?php session_start(); if($_POST['sendemail'] == 'Email') { $headers = 'From: Sender <andrej13@gmail.com>'; mail('andrej13@gmail.com', 'Subject', $_SESSION["cart"], $headers); echo "DEBdsUG".$_POST["cart"]; echo 'Your mail has been sent'; } else { echo 'Your mail was not sent'; } ?> this is the cart.php <?php // Include MySQL class require_once('inc/mysql.class.php'); // Include database connection require_once('inc/global.inc.php'); // Include functions require_once('inc/functions.inc.php'); // Start the session session_start(); // Process actions $cart = $_SESSION['cart']; $action = $_GET['action']; switch ($action) { case 'add': if ($cart) { $cart .= ','.$_GET['id']; } else { $cart = $_GET['id']; } break; case 'delete': if ($cart) { $items = explode(',',$cart); $newcart = ''; foreach ($items as $item) { if ($_GET['id'] != $item) { if ($newcart != '') { $newcart .= ','.$item; } else { $newcart = $item; } } } $cart = $newcart; } break; case 'update': if ($cart) { $newcart = ''; foreach ($_POST as $key=>$value) { if (stristr($key,'qty')) { $id = str_replace('qty','',$key); $items = ($newcart != '') ? explode(',',$newcart) : explode(',',$cart); $newcart = ''; foreach ($items as $item) { if ($id != $item) { if ($newcart != '') { $newcart .= ','.$item; } else { $newcart = $item; } } } for ($i=1;$i<=$value;$i++) { if ($newcart != '') { $newcart .= ','.$id; } else { $newcart = $id; } } } } } $cart = $newcart; break; } $_SESSION['cart'] = $cart; ?><!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd"> <html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en"> <head> <title>PHP Shopping Cart Demo &#0183; Cart</title> <link rel="stylesheet" href="css/styles.css" /> </head> <body> <div id="shoppingcart"> <h1>Your Shopping Cart</h1> <?php echo writeShoppingCart(); ?> </div> <div id="contents"> <h1>Please check quantities...</h1> <?php echo showCart(); ?> <p><a href="index.php">Back to bookshop...</a></p> <form action="mail.php" method="post"> <input type="submit" name="sendemail" value="Email" /> <input type="hidden" name="cart" value="<?= $cart; ?>" /> </form> </div> </body> </html> Hi guys, I am having a problem of deleting the rows in the database. I just receive two warnings of mysql_real_escape_string which they a Code: [Select] Warning: mysql_real_escape_string() [function.mysql-real-escape-string]: Access denied for user 'myusername'@'localhost' (using password: NO) in /home/username/public_html/mysite.com/delete.php on line 11 Warning: mysql_real_escape_string() [function.mysql-real-escape-string]: A link to the server could not be established in /home/username/public_html/mysite.com/delete.php on line 11 failed The error are jumping on this line: Code: [Select] return mysql_real_escape_string($value); Here it the full code: <?php session_start(); define('DB_HOST', 'localhost'); define('DB_USER', 'username'); define('DB_PASSWORD', 'password'); define('DB_DATABASE', 'databasename'); function clean($value) { return mysql_real_escape_string($value); } $id = clean($_GET['id']); if ($id != NULL) { $query = @mysql_db_query(_DB,"DELETE FROM table1 WHERE $id = 'id"); $deleted = @mysql_affected_rows(); if($deleted > 0) { echo("worked"); } else { echo("failed"); } }else{ echo("failed"); } @mysql_close($link); ?> I have input the correct password, so what's wrong?? |