PHP - Uppercase Surname With Apostrophe In Php
Hi Friends, I am Anes
I want to ensure all surnames are uppercase in php I use $surname = ucfirst(strtolower($dataField)); How do I ensure that any names such as O'Brien, don't result in O'brien thanks Similar TutorialsI'm presently formatting surnames like this: Code: [Select] $surname = ucfirst(strtolower($surname))) .. so that SMITH, and smith ... both look like: Smith. That's all fine, but how do I ensure that... O'BRIEN o'brien o' brien ... all look like O'Brien ? That is, where no spaces are allowed to appear in the surname and where the first letter, as well as the one following the apostrophe are both capitalised. TIA Problem - application produces MD5 PWs which are uppercase, code checks lowercase. Question- How to use uppercase check? Code: [Select] function checkPwd($x,$y) { //Checks if strings are empty if(empty($x) || empty($y) ) { //Strings were empty return false; } else if(strlen($x) < 4 || strlen($y) < 4) { //String length too short return false; } else if(strcmp($x,$y) != 0) { //Strings do not match return false; } else { //Password Determined valid return true; } } Question 2: Do I have to change it anywhere else, like PW generation? Code: [Select] function GenPwd($length = 7) { $password = ""; $possible = "0123456789bcdfghjkmnpqrstvwxyz"; //no vowels $i = 0; while ($i < $length) { $char = substr($possible, mt_rand(0, strlen($possible)-1), 1); if (!strstr($password, $char)) { $password .= $char; $i++; } } return $password; } function GenKey($length = 7) { $password = ""; $possible = "0123456789abcdefghijkmnopqrstuvwxyz"; $i = 0; while ($i < $length) { $char = substr($possible, mt_rand(0, strlen($possible)-1), 1); if (!strstr($password, $char)) { $password .= $char; $i++; } } return $password; } Thank you for reading Our professor in PHP Programming is very choosy that he requires us to verify if the user enter the UPPERCASE format of the user name registered the program will show an invalid user. What he's trying to say is the user must enter a 100% identical to the username he registered. If the username registered is LOWERCASE he must enter a LOWERCASE username if the username registered is UPPERCASE he must enter an UPPERCASE username to LOGIN. Hello: I have this little bit of code to pull all the towns and zip codes from a mySQL database: Code: [Select] <?php $result = mysql_query("SELECT zip_id,city,abbr_state,full_state,zip FROM zip_codes WHERE abbr_state = '" . mysql_real_escape_string ( $_GET['abbr_state'] ) . "' ORDER BY `city` ASC"); while($row = mysql_fetch_array($result)) { echo "<a href=\"Stores.php?zip_id=".$row['zip_id']."\" title=\"My Products ". $row['city']. ", ". $row['abbr_state']." ". $row['zip']." | My Items ". $row['city']. ", ". $row['abbr_state']." ". $row['zip']."\">". $row['city']. ", ". $row['abbr_state']." ". $row['zip']."</a>"; echo "<div style=\"clear: both; margin-bottom: 15px;\"></div>"; } ?> Works fine (unless some can offer a way to "improve" the code). However, all of the City Names ($row['city']) were put into the database as ALL CAPITALS, which is a bit harder on the eyes to read. Is there a "PHP way" - working with the code I posted - that will transform the ALL CAPITALS to a more readable Capitalize (in other words, Capitalize just the first letter of each town). I know that CSS offers "text-transform" and if that is a solution I'm fine with that. I just need it to display that way, not re-write it in the database. Ideas? Solution? Thanks! Hi I have this script that saves data to a file, I was wondering how I can make the script write the title of the files in uppercase letters? I am new to coding mind I think is the relevent code: Code: [Select] foreach(array('daily','weekly','monthly') as $value) { $fp = fopen(DIR.$value.'_'.strtolower(str_replace('/', '', $data[$ccyValue][0])).'.csv', 'w'); if($fp) { $raw_data = array(${$value.'Pivot'}, ${$value.'_s1'}, ${$value.'_s2'}, ${$value.'_s3'}, ${$value.'_r1'}, ${$value.'_r2'}, ${$value.'_r3'}); $write_data = "Pivot, S1, S2, S3, R1, R2, R3\n"; $write_data .= implode(',', $raw_data); fwrite($fp,$write_data); fclose($fp); } else { die('Please make sure result folder is present or writable!'); } } } Thanks Antony Hi guys, I wonder if somebody can help me? When a user enters details about themselves into a textbox and includes an apostrophe, when the profile is pulled from the MYSQL database the apostrophe is replaced with a \' How can I get it so when the profile is viewed there is either no backslash Thanks for any help Regards Rob Hi ,
I have a website which uses apostrophe in merchant names (craig's) and Product name (Fresh goat's).
If I try click on the search pages using these names with apostrophe then it displays the following error.
Error: SELECT * FROM merchant WHERE user_name='Major_Craig's_Chutney' && is_active='1'
You have an error in your SQL syntax; check the manual that corresponds to your MySQL server version for the right syntax to use near 's_Chutney' && is_active='1'' at line 1
I tried to add an apostrophe in php file of merchant search but still it shows up the same error or empty page.
can anyone help me on this????
I'm a little rusty on my PHP skills, so this (probably simple) problem has me stumped. I have a search engine which retrieves from a database with titles, of which some of those titles have apostrophes within them. There can also be several authors for a single title, so I've set up this code to retrieve and give each author a different url to their page: Code: [Select] $select_author = mysql_query("SELECT DISTINCT author FROM archives WHERE `title` = '$title' AND `year` = '$year' AND `category` = '$category' AND `group` = '$group' ") or die(mysql_error()); However, whenever an apostrophe appears for the $title I get this error: Quote You have an error in your SQL syntax; check the manual that corresponds to your MySQL server version for the right syntax to use near 'll Have Lemonade, Please' AND `year` = '2002' AND `category` = 'Lemon' AND `grou' at line 1 The full title is "I'll Have Lemonade, Please," and you can see where the problem lies. I've tried replacing the "`title` = '$title'" with "`title` = '%s'", but then none of the authors will appear. Anyone have any suggestions on how to fix this problem? Thanks in advance, and here's the full code: Code: [Select] <?php if(isset($_POST[search])) { $title = strtolower(strip_tags(mysql_escape_string($_POST['title']))); $author = strtolower(strip_tags(mysql_escape_string($_POST['author']))); $summary = strtolower(strip_tags(mysql_escape_string($_POST['summary']))); $category = strip_tags(mysql_escape_string($_POST['category'])); $group = strip_tags(mysql_escape_string($_POST['group'])); $rating = strip_tags(mysql_escape_string($_POST['rating'])); $year = strip_tags(mysql_escape_string($_POST['year'])); $termsArray = array(); if(!empty($author)) { $termsArray[] = "author LIKE '%$author%'"; } if(!empty($title)) { $termsArray[] = "title LIKE '%$title%'"; } if(!empty($summary)) { $termsArray[] = "summary LIKE '%$summary%'"; } if (count($termsArray) > 0){ $terms = implode(" AND ", $termsArray); $terms = " WHERE ".$terms; unset($termsArray); //clear memory, cause we're finished using this. } $join = (empty($title) && empty($author) && empty($summary)) ? "WHERE" : "AND"; $sql_category = ($category == all) ? "" : "$join `category`='$category'"; if ($sql_category != ""){ $join = "AND"; } $sql_group = ($group == all) ? "" : "$join `group`='$group'"; if ($sql_group != ""){ $join = "AND"; } $sql_rating = ($rating == all) ? "" : "$join `rating`='$rating'"; if ($sql_rating != ""){ $join = "AND"; } $sql_year = ($year == all) ? "" : "$join year='$year'"; $qSearch = "SELECT * FROM archives $terms $sql_category $sql_group $sql_rating $sql_year GROUP BY url ORDER BY title ASC, author ASC"; $rsSearch = mysql_query($qSearch) or die(mysql_error()); $end = ''; if (mysql_num_rows($rsSearch) >= 2) { $end = 's'; } if (mysql_num_rows($rsSearch) == 0) { print '<p>Sorry, there were no results returned for your search. Please try again.</p>'; } else { print '<center><p><b>'.mysql_num_rows($rsSearch).'</b> title'.$end.' found.</p></center>'; echo '<ol>'; while ($row = mysql_fetch_array($rsSearch)) { extract($row); $select_author = mysql_query("SELECT DISTINCT author FROM archives WHERE `title` = '$title' AND `year` = '$year' AND `category` = '$category' AND `group` = '$group' ") or die(mysql_error()); $aut = ""; while ($row3 = mysql_fetch_array($select_author)) { $aut .= "<a href=\"author.php?author={$row3[author]}\">$row3[author]</a> & "; } $aut = substr($aut,0,-3); $my_code = urlencode($title); $my_author = urlencode($author); echo '<li><a href="info.php?author='.$my_author.'&title='.$my_code.'">'.$title.'</a> by '.$aut.'</li>'; } echo '</ol>'; } } ?> I have the following code to search my database (obviously some of the surrounding code is not provided) but I hope this provides enough for me to be clear about my problem) : $sql="SELECT * FROM member_details WHERE state='$state' AND location='$locn' ORDER BY Surname, Given_name"; $result=mysqli_query($conn, $sql) or die("Error in selection -".mysqli_error($conn)); $numrows=mysqli_num_rows($result); if($numrows==0) { echo "There are no members listed in this State/Territory/location."; } else { while($row=mysqli_fetch_array($result)) { $surname=$row['Surname']; if (strstr($surname, "'")) echo "yes"; else echo "no"; } } This works fine if I am searching for a surname that contains a letter such as ''a". However when I search on the apostrophe, even though I know I have several surnames in the database which contain the apostrophe, I get a 'no' response for all of them. Thank you. Can anyone see what I am doing wrong here please or suggest a different approach? Hi Guys I have this PHP Upload Scripts below which uploads file of customers into the customers folder and at the same time inserts the file path into the database. The problems is for name like O'hare or O'neil its uploads into the customers folder but does not insert the file path into the database - probably because of the " ' " apostrophe From the code below is there anyway I can deal with this issue? Thanks alot Code: [Select] <?php //This php block of code will takecare of inserting the upload variables into the db if(isset($_POST['submitbutton'])) { $target_path = 'customerUploads/' . $check_id . ', ' . $c_name . '/'; $target_path = $target_path . basename( $_FILES['upload']['name']); $manager= mysql_real_escape_string($_POST['username']); $upload = $_FILES['upload']['name']; $check_id = mysql_real_escape_string($_POST['id']); $submitbutton= mysql_real_escape_string($_POST['submitbutton']); if($submitbutton) { if($manager&&$upload) { if (file_exists($target_path)) { echo $_FILES["upload"]["name"] . " already exists. "; } else { move_uploaded_file($_FILES["upload"]["tmp_name"],$target_path); echo "Stored in: " . 'customerUploads/' . $check_id . ', ' . $c_name . '/' . $_FILES["upload"]["name"]; $insert=mysql_query("INSERT INTO img_up (username,upload,id,target_path,img_date) VALUES ('$manager','$upload','$check_id','$target_path', now()) "); // Where the file is going to be placed $target_path = 'customerUploads/' . $check_id . ', ' . $c_name . '/'; /* Add the original filename to our target path. Result is "uploads/filename.extension" */ $target_path = $target_path . basename( $_FILES['upload']['name']); $target_path = 'customerUploads/' . $check_id . ', ' . $c_name . '/'; $target_path = $target_path . basename( $_FILES['upload']['name']); if (file_exists($target_path)) { echo $_FILES["upload"]["name"] . " already exists. "; } else { move_uploaded_file($_FILES["upload"]["tmp_name"],$target_path); echo "Stored in: " . 'customerUploads/' . $check_id . ', ' . $c_name . '/' . $_FILES["upload"]["name"]; } } } else { echo "There was an error uploading the file, please try again!"; } } header("location: mainupload_complete.php?id=$check_id"); } ?> Note that my code still use the old mysql query and I am aware of that. I want to migrate it to mysqli soon but it will have to wait until I learn how to do so. Meanwhile, please help me with the code that I have now. Thank you
I've looked around the internet to find how to do this and I found two methods:
htmlspecialchars();
and
mysql_real_escape_string();
I wrapped my text into one of the two function in order to pass in text with apostrophe in it to the database.
However I encountered a problem.
With mysql_real_escape_string, I got the desired effect that I want but the problem is that, the function also apply its effect onto html img tag. So <img src="test"> turns into <img src=/"test/"> and therefore images (and also links) will not appear.
With htmlspecialchars, again I got the desired function that I want which is to pass in apostrophe into the database. The problem with this is that when I pull the data out from the database and echo it onto my page, it doesn't render and show as a plain html code.
What confuse me a lot is that, it works fine inside my localhost.
Please help
Thank you!
Attached Files
content-insert.php 3.92KB
4 downloads I am having trouble, because I am trying to enter a string, such as this into a database field: $string = "There's trouble ahead because they're silly."; Ofcourse, MySQL craps out because of the apostrophes. So I did this: $string = mysql_real_escape_string($string); This is entered into the database, however it is entered as this: "There\'s trouble ahead because they\'re silly." I was wondering how I can enter apostrophes, without entering a backslash, because now when I pull the text from the DB and display it on a page, I get a backslash in front of all apostrophes. HELP! Please! Is the only way around this to add slashes, then use stripslashes() when displaying text?? This topic has been moved to PHP Regex. http://www.phpfreaks.com/forums/index.php?topic=354362.0 My script forces all names to start with a capital and lower case for the rest. However, some names have a ' or - in them. For example: Rosie O'Donnell or Carrie-Anne Moss With the script, the "D" in O'Donnell is lower case and the "A" in Anne is lower case. What do I need to do to make them capital? Here is what I am using: Code: [Select] <?php echo ucwords(strtolower($row_persons['last_name'])) ?>, <?php echo ucwords(strtolower($row_persons['first_name'])) ?> I need to send emails with single apostrophes in the body of my email function. How do I do that without erroring out in my mail function. Code: [Select] <? $to = "myself@gmail.com"; $subject = "test"; $body='<html><body><font size="1"> We're sending this email.It's been a while</font></body></html>'; $message=$total; $from = "webmaster@example.com"; $headers = 'MIME-Version: 1.0' . "\r\n"; $headers .= 'Content-type: text/html; charset=iso-8859-1' . "\r\n"; $headers .= 'From: Admin <Admin@test.com>' . "\r\n"; // Send email if(mail($to,$subject,$body,$headers)) { // Inform the user echo "Your email has been sent"; } else { echo "MAIL not sent"; } ?> I am using PHP with ODBC to connect to an existing MSSQL database to query for some names. When I query a name that has an apostrophe in it, I get an error. Example typing O'Malley as the name: Quote Warning: odbc_exec() [function.odbc-exec]: SQL error: [Microsoft][ODBC SQL Server Driver][SQL Server]Incorrect syntax near 'malley'., SQL state 37000 in SQLExecDirect I have used addslashes to the string but get the same result: Code: [Select] $string = addslashes($_POST['string']); $connect = odbc_connect("$mssql_name", "$mssql_user", "$mssql_pass"); $query_mssql = "SELECT pr.NameFirst, pr.NameLast, pr.NameMiddle, pr.Birthdate, p.Barcode, p.OrganizationID FROM PatronRegistration pr JOIN Patrons p ON (pr.PatronID = p.PatronID) WHERE pr.NameLast = '$string'"; $result = odbc_exec($connect, $query_mssql); Any ideas? I imagine there are lots of ways to answer this question, so I just want people's opinions as to the best way (if there is one). I have code with a basic form that submits data to a MySQL database. So when someone submits data the first time, I "clean it up" by doing... Code: [Select] $_POST['data'] = trim(mysql_prep($_POST['data'])); .. and then submit that info into a "varchar" mySQL field. Then if the user comes back to edit it, the form comes up and the data they previously entered is pulled into the field this way (I'm leaving out the MySQL to pull the data, obviously)... Code: [Select] <input type="text" name="field" value="<?php echo $data;?>"> The problem is that if someone entered this originally... Code: [Select] Here is "some" data with apostrophes ...Then when I echo that back into the value of the text field, it would only show... Code: [Select] Here is "...and then cuts off because the quotation mark in the data conflicted with the quotation mark after value= Is htmlentities the answer here, or is there some other/better way? FYI... Code: [Select] function mysql_prep($value) { $magic_quotes_active = get_magic_quotes_gpc(); $new_enough_php = function_exists("mysql_real_escape_string") ; //i.e. PHP >= v4.3.0 if($new_enough_php) { //PHP v4.3.0 or higher //undo any magic quote effects so mysql_real_escape_string can do the work if($magic_quotes_active) { $value = stripslashes($value) ;} $value = mysql_real_escape_string($value); } else { //before php v4.3.0 // if magic quotes aren;t already on then add slashes manually if(!magic_quotes_active) { $value = addslashes($value); } // if magic quotes are active, then the slashes already exist } return $value; } This is something I've been trying to figure out for some time. I've read blogs and other forums and am still not clear.
Seems that when I pass a variable that has Apostrophe's in the variable, from a form page to the submit page and insert it into the MySql DB table, it inserts OK without any / before the apostrophe.
On the other hand on the same submit page, there is a select query from another table and there are variables with apostrophe's. These queried variables keep the variables from the form page and the queried DB from inserting into a new table.
So I use mysql_real_escape_string () for the variables queried from the table to be inserted into the new table, don't use mysql_real_escape_string () on the variables passed frm the form page, and everything inserts into the new table just fine. Displays with no forward slashes.
My confusion comes from when to use mysql_real_escape_string (), stripslashes () and htmlspecialchars().
Also in the reading I was doing, it looks like mysql_real_escape_string () is being replaced with mysqli_real_escape_string (), but when I tried to use it on a variable queried from the DB something like
$username = mysqli_real_escape_string ( $s['username'] )( $s being 'foreach ( $result as $s )' from the select query. Thanks in advance for shedding any light on this. Let me preface this by saying that I've been using php for a while, but never got extremely advanced, so feel free to slap me about for something stupid... I'm working through a jQuery & PHP book, and I've noticed that he's wrapping all his column and table names in the apostrophe ` when making MySQL queries . In the past I've never done this. What does the ` do? I understand about single quotes and double quotes, but haven't come across the ` being used. What's the deal? |