PHP - Maintaining Quotes

A problem has arisen which puzzles me. I have forms which save data to MySql and retrieve it, showing it as the default data in the form. Naturally I escape any quotes before sending it to the database and remove the slashes when I retrieve it. But the form HTML code shows the data like this value="$variable" which is fine when only single quotes are used in the data but causes a problem when the user uses double quotes. So data of John \"Jack\" Smith would be output as value="John "Jack" Smith" with obvious problems. If I use value='...' then that would cause problems with single quotes.

I haven't seen the answer in any of my books. The only things I can think of is changing all double quotes to single before saving to DB or converting them with htmlspecialcharacters so they are no longer actual quotes.

$count=0;
$numb=50;
foreach ($sepkeys as $dbkey)
{
for ($page=10;$page<=$numb;$page=$page + 10)
  {
// the if block

$count=$count+1;
 
}

}

I am trying to maintain a separate a count for each key number in the above code.

Eg: key- 574, it searches from pages 10-50 and increments the count by 1.

The problem that I have is the count is continuous. After searching for the first key and moves on to the next key and them I need the count to start from the beginning rather than being continuous.

Eg: key-874 : count = 22, in my case the next key 875 : the count is 23

I need to make it 1.

I removed the if block and several lines because the code is too long.

Can someone please suggest me a way how to do it

Hi,

I have managed to get the code below working with a few tweaks here and there.  However, you can see that I have written a small function in the file name local.php to allow the user to select "English" or "German" in the link on the test.php page.

This works fine but it will only work on that particular webpage.  As soon as I move away from that page the locale will return back to "en_US"(English).  Is there a way I could implement lets say an option dropdown and save the locale across the whole site.

Just in case its relevant I have a MySQL DB available for use if thats appropriate.

local.php
<?php

function english(){

$directory = dirname(__FILE__).'/locale';
$domain = 'messages';
$locale ="en_UK.utf8";
setlocale( LC_MESSAGES, $locale);
bindtextdomain($domain, $directory);
textdomain($domain);
bind_textdomain_codeset($domain, 'UTF-8');

}

function german(){

$directory = dirname(__FILE__).'/locale';
$domain = 'messages';
$locale ="de_DE.utf8";
setlocale( LC_MESSAGES, $locale);
bindtextdomain($domain, $directory);
textdomain($domain);
bind_textdomain_codeset($domain, 'UTF-8');

}

//Pagination and normal view switch 
if (isset($_GET['run'])) $linkchoice=$_GET['run'];
else $linkchoice='';

switch($linkchoice){

case 'English' :
    english();
    break;

case 'German' :
    german();
    break;

default :
    english();
    break;

}

?>


test.php
<?php include("local.php"); ?>
<html><head></head>
<body>
<?php echo "<p><a href='?run=English'>English</a> | <a href='?run=German'>German</a> </p>"; ?>
<br />
<?php echo gettext("Welcome to My PHP Application");
echo "<br />";
// Or use the alias _() for gettext()
echo _("Have a nice day"); ?>
</body>
</html>

Many thanks in advance!

I am trying to create a very basic webpage (for local use) that will allow me to add records to a table that I can then come back to at a later date. Essentially, I want a mini spreadsheet in a HTML file. Is this possible?

I know that I could do this using PHP, but I just want this for local use, so I do not want / need to upload it anywhere. Plus, I am not linking to any database, I am hoping just to have the table saved into the HTML file. I currently have a JS script that will add rows to my table (with predetermined information - not 100% what I am wanting), but once I close the window, that information is not saved.

If anyone could at least point me in the right direction, that would be good (hopefully this all makes sense)

Hi

I am developing a e-commerce website. The user logs in and buy a product when he checkout the page will redirect to the payment gateway. After the payment is completed it will return back to my website. This is ok. But when it is returning back the session maintained in my website get lost. This happen only for the first time. If the user again logged in and checkout the process works good and the session is maintaining.

Why does the session lost for first time.

I used session_start() in all the pages..

I cannot find the solutions. Kindly help..

Regards
P.Balakrishnan

Hey, I want to be able to have a 100x100 thumbnail of pictures I am uploading while cropping the image to maintain the ratio. Right now I am stretching the image and it looks bad but it works. Here is my code...

Quote

$new_thumb = "$new_pic";
$sourcefile = "$target2$pic";
$picsize = getimagesize("$target2$pic");
$source_x = $picsize[0];
$source_y = $picsize[1];

$dest_x = 100;
$dest_y = 100;


$targetfile = "$thumbs$pic";

$pathtofile = pathinfo($sourcefile);
$extension = $pathtofile['extension'];
$jpegqual = 75;

   if($extension=='jpg' || $extension=='jpeg' || $extension=='JPG') {
$source_id = imagecreatefromjpeg("$target2$pic");
$target_id = imagecreatetruecolor($dest_x, $dest_y);
$target_pic = imagecopyresized($target_id,$source_id,0,0,0,0,$dest_x,$dest_y,$source_x,$source_y);
imagejpeg($target_id,"$targetfile",$jpegqual);
}
if($extension=='gif') {
$source_id = imagecreatefromgif("$target2$pic");
$target_id = imagecreatetruecolor($dest_x, $dest_y);
$target_pic = imagecopyresized($target_id,$source_id,0,0,0,0,$dest_x,$dest_y,$source_x,$source_y);
imagegif($target_id,"$targetfile",$jpegqual);
}
if($extension=='png') {
$source_id = imagecreatefrompng("$target2$pic");
$target_id = imagecreatetruecolor($dest_x, $dest_y);
$target_pic = imagecopyresized($target_id,$source_id,0,0,0,0,$dest_x,$dest_y,$source_x,$source_y);
imagepng($target_id,"$targetfile",$jpegqual);
}



How could I change this to make the thumbnails maintain the aspect ratio but still be 100x100?

This is a LINK to the page -> http://shoutkey.com/carriage

I have a problem of separating MySQL concatenated info, yet still maintaining their relationship to other arrays in the same order. First off here is the MySQL code:

Code: [Select]
$query ="SELECT report,";
$query.="GROUP_CONCAT(DISTINCT docID) AS docIDs, ";
$query.="GROUP_CONCAT(DISTINCT analyst) AS analysts, ";
$query.="GROUP_CONCAT(DISTINCT region) AS regions, ";
$query.="GROUP_CONCAT(DISTINCT country) AS countries, ";
$query.="GROUP_CONCAT(DISTINCT topic) AS topics, ";
$query.="GROUP_CONCAT(DISTINCT date) AS dates, ";
$query.="GROUP_CONCAT(DISTINCT event) AS events, ";
$query.="GROUP_CONCAT(DISTINCT link) AS links, ";
$query.="GROUP_CONCAT(DISTINCT province) AS provinces ";
$query.="FROM reports GROUP BY report ORDER BY dates DESC, docIDs DESC";
The most important thing is to get all attributes about each report. The thing is, each report can have as many records as it must, in order to store various types of information, like, if multiple analysts are working on the report, then each one saves their own record, but when retrieving these records MYSQL concatenates the records, to make it look to the analysts like this

Report 1 --- Josh, Rebecca --- Philippines

However, my problem is trying to display the reports by country... as you can see http://shoutkey.com/carriage. I have no idea about how to split up the countries, while maintaining their relationship to the $rows pulled from MySQL. I am gonna post the entire code, and let me know if anybody has any ideas.

Code: [Select]
$result = mysql_query($query);

$numrows = mysql_affected_rows();


$current = false;                 
while($row=mysql_fetch_assoc($result)) {
$dates = $row['dates'];
$analysts = $row['analysts'];
$provinces = $row['provinces'];
$topics = $row['topics'];
$regions = $row['regions'];
$countries = $row['countries'];
$reports = $row['report'];
$links = $row['links'];
$events     = $row['events'];

if (!$current){ //first call
echo "<h3><a href=\"#\">{$countries}</a></h3>"; //echo first call
  $current = $countries;
echo "<div>" ;//open content div
}
elseif($current != $countries){ // country has changed
echo "</div>"; //close previous content div
echo "<h3><a href=\"#\">{$countries}</a></h3>"; //echo subsequent countries
    $current = $countries;
    echo "<div><p>" ;//open content div
}


echo $analysts." ----- ".$provinces." ----- ".$reports;
echo "<br /><br />";

}
echo "</div>";
?>
    </div>       

Hi,

I have successfully implemented a master details page with the results aligned in columns linking to a details page.
I wish to maintain the recordID passed from the master details page and make the dynamic text, which reads
Shade
A tree that is capable of.....
in the attached screen shot a link to another details page referencing the same recordID.

The detailspage2.php would look the same as the screenshot except the Shade text and description below will be highlighted, which I can do, there will be a new image and a new image description.  All other dynmaic elements on the page will remain the same.

I tried to simply save as my detailspage.php to detailspage2.php and create a link to detailspage2.php. It linked to detailspage2.php but none of the record info showed up in their respective table cells.

I have all the names desc's, images, etc setup in a table in my database.

Please let me know what code and other info you need to help me out with this procedure.

Thanks.

 

Hello,

Using the following code, I'm extracting the $current_solution from my database.  However, if the variable has quotes in it, I get gobbledegook.  Code: [Select]
<input type ="radio" name="solution" <?php  echo 'value="' . $current_solution . '"' ?> id="solution" <?php if ($row['solution'] == $current_solution) {echo 'checked = "yes"';} ?>/><?php echo$current_solution; ?></label>
As an example, if the $current_solution variable is:  A right-side up letter u   then I get:

" id="solution" checked = "yes"/>
A right-side up letter "u".

I know that it's a quote issue but am not sure how to fix it.  I tried adding slashes but I fear that it didn't work.  Any thoughts on this would be appreciated!

Thanks so much,

Eric

Hi, newbie here.
Could someone show me how to properly escape the quotes in this code so it works properly? I'm having major problems with it, thanks.

echo "<td style="background-color:#fff"
 onMouseover="this.style.backgroundColor='#ff9900';"
 onMouseout="this.style.backgroundColor='#fff';">"

I'm trying to figure out why it won't display the quote(s) for the selected person. I echoed the query and it's getting the correct id its just not displaying correctly. Any ideas?

function getQuotes($id) {
$id=mysql_real_escape_string($id);
$sql = "SELECT * FROM `efed_bio_quotes` WHERE bio_id = '$id'";
$re = mysql_query($sql);
$i = 0;
$quotes = array();
$row = mysql_fetch_assoc($re);
extract($row);
?>
<ul id="quotes">
<?php
if(count($quotes) > 0){
for($i = 0; $i < count($quotes); $i++){
echo "<li>".$quotes[$i]."</li>";
}
}
else{
echo '<li>This wrestler has no quotes.</li>';
}
?>
</ul>
<?php
}

i have some code which checks to see if a username  and an email is in use. from what i can understand, it uses magic quotes to prevent sql injection. i've heard that magic quotes are not going to be in use in php6, so how can i change it so that it uses real escape string instead?

if (!get_magic_quotes_gpc()) {
$_POST['username'] = addslashes($_POST['username']);
}
$usercheck = $_POST['username'];
$check = mysql_query("SELECT username FROM users WHERE username = '$usercheck'") 
or die(mysql_error());
$check2 = mysql_num_rows($check);
if ($check2 != 0) {
die('Sorry, the username '.$_POST['username'].' is already in use.');
}

if (!get_magic_quotes_gpc()) {
$_POST['email'] = addslashes($_POST['email']);
}
$emailcheck = $_POST['email'];
$check = mysql_query("SELECT email FROM users WHERE email = '$emailcheck'") 
or die(mysql_error());
$check2 = mysql_num_rows($check);
if ($check2 != 0) {
die('Sorry, the email '.$_POST['email'].' is already registered to another account.');
}


Thanks

So, I think you have all heard the news. THEY ARE GONE!

Unfortunately, I do have some old code that I do not feel like going line by line and updating. I was wounding if you guys could help me out.

I was hoping that there would be a way to set a define of some sort then when I grab something out of an SQL table it will automatically takeout the "\" (Slashes) and when I insert something into the database it will add the slashes...

YES I know and have read the statement written by the php group [http://www.php.net/manual/en/securit...uotes.why.php] But i do not particularly want to go through my code and change everything by hand.

If you have any idea, or would like me to explain it another way, please post.

Any help will be greatly appreciated.

--redcrusher

Alright, I've troubleshooted for about an hour on this and still can't figure it out, I've got the following line of code:

             Code: [Select]
$newstring = '$search = mysql_query("SELECT * FROM cmscbesalke.game where gameTitle = '".$gametitle."'");';
that is giving the following error:

Parse error: syntax error, unexpected '"' in /home/content/06/8675706/html/edit.game.php on line 136

I've tried to do the following as well:
Escaping the ", adding in extra . operators, and removing quotes.

The complicated part here is that I need the fwrite to write the $gametitle variable, with single quotes around it that way the mysql_query will return the correct database entry, but everytime I get the line of code to work it does not put the quotes.