PHP - Retaining Apostrophes In Email Subject Line

Hi. Apologies in advance if this is a stupid question, but hoping someone can help. I'm trying to help a friend who is running a photo gallery script on his website. The developer of the script is not supporting it any longer and I have limited php knowledge.

I've been told by his ISP that the script will only work on PHP version 5.6. The problem he has is that when he is adding descriptions to the photos via a back end form, if he uses an apostrophe as in O'Sullivan for example, when he saves the entry, the description text does not show at all. This seems to be a conflict with the php language. Is there a line of code that I can add to the config file or somewhere that will get around this problem?

Thanks in advance for any help you can give.

I am trying to insert product descriptions into a mysql database, however they are failing because of apostrophes in the text. How do I fix this? Everything is working fine except $productdescription

$ProductDescription contains,

"Record In Stereo Sound, Then Play Back Your Videos Instantly On You Computer. The Sx130 Is Is All About Creativity, With Fun New Scene Modes Like Miniature Effect For Movies, And Fisheye Effect For Artistically Distorted Stills. While You're Having Fun Creating, The Camera's Smart Flash Exposure And Advanced Smart Auto Systems Are Ensuring That Every Image Is The Best It Can Be. Add The Digic 4 Image Processor, 12.1 Megapixels And Canon's Optical Image Stabilizer, And You've Got The Ideal Camera For Making The Good Times Last."

SQL Error on insert,

"You have an error in your SQL syntax; check the manual that corresponds to your MySQL server version for the right syntax to use near 're Having Fun Creating, The Camera's Smart Flash Exposure And Advanced Smart Aut' at line 1 "

Code: [Select]
mysql_select_db("testdb") or die(mysql_error());

mysql_query ("INSERT INTO product (merchantname, producttitle, productdescription, gtin, availability, price) VALUES ('$merchantname[1]','$producttitle[1]','$productdescription[1]','$gtin[1]',''$availability[1]','$price[1]')");

Hi All,

I'm working on an X-Cart site. Looking through the pages, any page with an apostrophe in the content is being loaded as an � instead.

The sites' char set is UTF-8. Changing it to ISO then creates an issue in itself with bulleted lists. Just wondering if anyone has had the problem in the past and if they have solved it?

Any help appreciated.

Cheers

This is driving me nuts and I'm hoping someone can help me figure it out.  I have a site with PHP/MySQL.  I have a form where people can submit a comment.  This comment then goes into a MySQL database and gets displayed back on another page of the website.

NOTE:  I put this question in the PHP Forum because I think the problem is happening somewhere BEFORE the info gets entered into MySQL.  But of course, I could be wrong.

The problem is that some of the comments are coming in with a "\" in front of apostropes, but NOT ALL OF THEM (which is really confusing me).

For example, someone entered this comment which shows in the MySQL database exactly like this...

I predict Lena's gonna win a lifetime Grammy.  It's long overdue.

Someone else entered a comment which shows in the MySQL database exactly like this...

can\\\'t wait to see first pics of the next addition.  Congrats!

They both have apostrophes in them, but only that second one added those slashes (and 3 of them for some reason). 

There are more instances of this where some comments have the slashes before the apostrophe and some don't.  Anyone know what might be causing this seemingly random insertion of slashes?

i'm having problems with apostrophes causing an error on my contact form. I've tried stripslash and also str_replace but i can't get it to work. what am i doing wrong?

thanks 


Code: [Select]
<?php
if(isset($_POST['email'])) {
     
    // EDIT THE 2 LINES BELOW AS REQUIRED
    $email_to = "test@test.com";
    $email_subject = "test";
     
     
    function died($error) {
        // your error code can go here
        echo "We are very sorry, but there were error(s) found with the form you submitted. ";
        echo "These errors appear below.<br /><br />";
        echo $error."<br /><br />";
        echo "Please go back and fix these errors.<br /><br />";
        die();
    }
     
    // validation expected data exists
    if(!isset($_POST['contact_name']) ||
        !isset($_POST['last_name']) ||
        !isset($_POST['email']) ||
        !isset($_POST['telephone']) ||
        !isset($_POST['comments'])) {
        died('We are sorry, but there appears to be a problem with the form you submitted.');      
    }
    
    foreach($_POST['check'] as $value) { 
$check_msg .= "Checked: $value\n"; 
} 

    $contact_name = str_replace("'", "&#38;#039;", $contact_name); 
    $contact_name = $_POST['contact_name']; // required
    $last_name = $_POST['last_name']; // required
    $email_from = $_POST['email']; // required
    $telephone = $_POST['telephone']; // not required
    $comments = $_POST['comments']; // required
     
    $error_message = "";
    $email_exp = '/^[A-Za-z0-9._%-]+@[A-Za-z0-9.-]+\.[A-Za-z]{2,4}$/';
  if(!preg_match($email_exp,$email_from)) {
    $error_message .= 'The Email Address you entered does not appear to be valid.<br />';
  }
    $string_exp = "/^[A-Za-z .'-]+$/";
    
  if(!preg_match($string_exp,$contact_name)) {
    $error_message .= 'The First Name you entered does not appear to be valid.<br />';
  }
  if(!preg_match($string_exp,$last_name)) {
    $error_message .= 'The Last Name you entered does not appear to be valid.<br />';
  }
  if(strlen($comments) < 2) {
    $error_message .= 'The Comments you entered do not appear to be valid.<br />';
  }
  if(strlen($error_message) > 0) {
    died($error_message);
  }
    $email_message = "Form details below.\n\n";
     
    function clean_string($string) {
      $bad = array("content-type","bcc:","to:","cc:","href");
      return str_replace($bad,"",$string);
    }
     
    $email_message .= "Contact Name: ".clean_string($contact_name)."\n";
    $email_message .= "Agency/Company Name: ".clean_string($last_name)."\n";
    $email_message .= "Email Address: ".clean_string($email_from)."\n";
    $email_message .= "Dates Required: ".clean_string($telephone)."\n";
    $email_message .= "Type Required: ".clean_string($check_msg)."\n";
    $email_message .= "Any other info: ".clean_string($comments)."\n";


     
     
// create email headers
$headers = 'From: '.$email_from."\r\n".
'Reply-To: '.$email_from."\r\n" .
'X-Mailer: PHP/' . phpversion();
@mail($email_to, $email_subject, $email_message, $headers); 
?>
 
thanks
 
<?php
}
?>

onlinegamekey. com/MTGT-Auction.php is the page I'm working on.

The problem I'm having is cards with an apostrophe in the name breaks the operation.

I am populating the Select Box with the Card Names and those are coming in fine, its not until I try to use the select value to get that specific card data do I have an issue.
This query specifically
Code: [Select]
$quer2=mysql_query("SELECT * FROM auctions WHERE Card_Name ='$cards' Order By Price_Per") or die;
I've tried
$quer2=mysql_query("SELECT * FROM auctions WHERE Card_Name =" . htmlspecialchars($cards) . " Order By Price_Per") or die;
but then I get no data for any card.

Here is the page code I'm working with.

Code: [Select]
<?php
$cards = $_POST['cards'];
//SELECTING DATA FOR THE DROPDOWN
$sql = "Select Card_Name From auctions Group BY Card_Name ASC" or die;
$result = mysql_query($sql);
?>
<script type="text/javascript">
<!--
var optList;
var optsValue = new Array();
var optsText = new Array();
//when the page loads get the original options values and text and store them in arrays
window.onload = function() {
optList = document.getElementsByTagName("option");
for(var i=0; i<optList.length; i++) {
     optsValue[i] = optList[i].value;
     optsText[i] = optList[i].text.toLowerCase();   
}   
}
function searchSel(txtSearch) {
//clear all the current options
document.getElementById("items").options.length = 0;
var count = 0;
for(var i=0; i < optsValue.length; i=i+1) {
    if(optsText[i].indexOf(txtSearch.toLowerCase()) == 0) {  //match found
         //add this option to the select list options
         var newOpt = new Option(optsValue[i],optsText[i],false,false);
         document.getElementById("items").options[count] = newOpt;
         count = count+1;
    }
    }
}
function reload(form)
{
var f1 = document.forms['f1']
var val=f1.cards.options[f1.cards.options.selectedIndex].value;
self.location='MTGT-Auction.php?card=' + val ;
}
//-->
</script>
<style type="text/css">
body {
background-color:#000000;
}
.row-one {
    background-color: #666666;
    font-family: Arial, Helvetica, sans-serif;
font-size:12px;
font-weight: bold;
    line-height: 17px;
    color:#CCFF33;
}
.row-two {
    background-color: #333333;
    font-family: Arial, Helvetica, sans-serif;
font-size:12px;
font-weight: bold;
    line-height: 17px;
    color: #FF0;
}
.th {
background-color:#000000;
font-family:Arial, Helvetica, sans-serif;
font-size:14px;
font-weight:bold;
color:#CC0000;
padding: 2;
}
</style>
<!-- CREATE FORM & SELECT BOX -->
<form method="post" name="f1" action="MTGT-Auction.php">
    <select name="cards" id="items">
    <option value='0'>Select...</option>
    <?php while ($row=mysql_fetch_array($result)) {
if ($row['Card_Name']==@$cards) {
echo "<option selected value='$row[Card_Name]'>$row[Card_Name]</option>";
} else {
echo "<option value='$row[Card_Name]'>$row[Card_Name]</option>";
}
}
 ?>
    </select>
    <br />
     <input type="text" id="txt" value="Card Name?" onfocus="this.value==this.defaultValue?this.value='' :null" onkeyup="searchSel(this.value);" style="color:#000000; font:Arial; font-size:12px; background-color:#e1e1e1;" />
     <BR />
<input type="submit" value="Submit" name="submit" />
                        <input type=button onClick="location.href='MTGT-Auction.php'" value='Reset' />
            </form>
            <!-- CREATE TABLE WHERE DATA GOES -->
<table border="1" bordercolor="#000000">
<tr align="center">
<th class="th">Auction ID</th>
<th class="th">Card Name</th>
<th class="th">Cards Per Auction</th>
<th class="th">Auction Price</th>
<th class="th">Cost Per Card</th>
<th class="th">Date Listed</th>
<th class="th">Seller Name</th>
</tr>
<?php
//GET DATA FOR TABLE BASED ON SELECTED CARD & LOOP THROUGH
$quer2=mysql_query("SELECT * FROM auctions WHERE Card_Name ='$cards' Order By Price_Per") or die;
$i =1;
WHILE($row = mysql_fetch_array($quer2)) { 
if ($i%2 !=0)
$rowColor = "class='row-one'";
else
$rowColor = "class='row-two'";
echo "<tr $rowColor>" . "<td>" . $row[Auction_ID] . "</td><td>" . $row[Card_Name] . "</td><td>" . $row[Qty_Listed] . "</td><td>" . $row[Price] . "</td><td>" . $row[Price_Per] . "</td><td>" . $row[Date] . "</td><td>" . $row[Seller] . "</td></tr>";
$i++;
}
//}
?>
<?php
//QUICK CHECK IS OUR VARIABLE SET???
echo "<font color=\"#FFFFFF\">". $cards . "</font>";
?>
</table>
I image this is probably a very common problem & easy fix that has been answered many times, but I haven't found any thing that worked for me so any help.. or links to similar issues would really be appreciated.

Thank you,

Hello, im trying to update my database with a paragraph of text in a texbox.

The thing is my paragraph has apostrophes

Look:
Code: [Select]
In the run up to the return of the Wilderness, we've released a new wallpaper depicting a green dragon, plus a couple of 'getting started' guides about the Wilderness and free trade.
It doesn't want to update my table and it shows the old paragraph.

Here is how my update database looks like.

<?php
if (isset($_POST['Submit'])) { 
for($i=0;$i<$count;$i++){
$month = $_POST['month'];
$date = $_POST['date'];
$message = $_POST['message'];



$title = $_POST['title'];
$monthday = $month[$i]."<br>".$date[$i];
$sql1="UPDATE $tbl_name SET monthday='$monthday', month='$month[$i]', date='$date[$i]', message='$message[$i]', title='$title[$i]' WHERE id='$id[$i]'";
$result1 = mysql_query($sql1);
} 
header("location:update2.php");
}
?>


Can someone show me to to make it add the strip slashes to the $message variable.

Thanks Alot!

Hi

Can anyone see why $this->subject is not working?

I have a class that is going to send an email.
All the variables are set and contain values.
How ever, I'm getting an error if I try to use the subject variable inside a method?

Error:
Fatal error: Using $this when not in object context in /home/p/o/powtest/web/public_html/includes/admin_emails.php on line 36

Line 36 is: $subject = $this->subject;

Code: [Select]

protected static $table_name="admin_emails";
protected static $db_fields = array('id', 'name', 'subject', 'body_content', 'from_name', 'from_email');
public $id;
public $name;
public $subject;
public $body_content;
public $from_name;
public $from_email;


public function send_notification($sendTo, $name){
$to_name = $name;
$to = $sendTo;
$subject = $this->subject;
$message =<<<EMAILBODY

{$this->body}

EMAILBODY;

$message = wordwrap($message, 70);
$from_name = $this->from;
$from = $this->from_email;

$mail = new PHPMailer();

$mail->IsSMTP();
$mail->Host = "localhost";
$mail->Port = 25;
$mail->SMTPAuth = false;

$mail->FromName = $from_name;
$mail->From = $from;
$mail->AddAddress($to, $to_name);
$mail->Subject = $subject;
$mail->Body = $message;

$result = $mail->Send();
return $result;
}


Any help or pointer would be great.

Thanks

Hi, I'm trying to run an api from upcdatabase.com. I works fine but some barcodes are 8digits or 13digits, i need those barcodes to be changed by adding in zero's if 8 or subtracting 1 zero if 13.

It needs to do this before being sent to the sever. Your help is really appreciated this should be simple but has got be stumped i don't know where to even put the code... here's what i've got so far. THANKYOOUUU FOR YOUR TIME!


<?php
extract($_GET);
if(isset($upc))
{
   ?>
   <form method="get" action="<?php print $_SERVER[PHP_SELF]; ?>">
   <p><input type="text" name="upc" value=""/></p>
   <p><input type="submit" value="Search"/></p>
   </form>
   <?php

   require_once 'XML/RPC.php';

   $rpc_key = 'c737eb5b608f31e5fa022718860f1578cf2cc2a6';   // Set your rpc_key here
   
   // Setup the URL of the XML-RPC service
   $client = new XML_RPC_Client('/xmlrpc', 'http://www.upcdatabase.com');
   
   // Construct the entire parameter list (an array) for the call.
   // The array contains a single XML_RPC_Value object, a struct.
   // The struct is constructed from a PHP associative array, and each
   // value needs to be an XML_RPC_Value object.

   $params = array( new XML_RPC_Value( array(
      'rpc_key' => new XML_RPC_Value($rpc_key, 'string'),
      'upc' => new XML_RPC_Value($_REQUEST['upc'], 'string'),
      ), 'struct'));

   // Construct the XML-RPC request.  Substitute your chosen method name
   $msg = new XML_RPC_Message('lookup', $params);
   
   $upc_count = count($upc);

If ($upc_count == 7){
   echo '0000'.$upc;
}
elseif ($upc == 13) {
   echo '000'.$upc;
}
else {
   echo 'incorrect number of digits';
}
   
   //Actually have the client send the message to the server.  Save response.
   $resp = $client->send($msg);
   
   //If there was a problem sending the message, the resp will be false
   if (!$resp)
   {
      //print the error code from the client and exit
      echo 'Communication error: ' . $client->errstr;
      exit;
   }

   //If the response doesn't have a fault code, show the response as the array it is
   if(!$resp->faultCode())
   {

      //Store the value of the response in a variable
      $val = $resp->value();
      //Decode the value, into an array.
      $data = XML_RPC_decode($val);
      //Optionally print the array to the screen to inspect the values
      echo "<pre>" . print_r($data, true) . "</pre>";
      echo '<p>'.$data['status'].'</p>';
      echo '<p>'.$data['upc'].'</p>';
      echo '<p>'.$data['description'].'</p>';
      
   }else{
      //If something went wrong, show the error
      echo 'Fault Code: ' . $resp->faultCode() . "\n";
      echo 'Fault Reason: ' . $resp->faultString() . "\n";
      
   }   
}
else {
?>

<p>Enter a 12 digit UPC Barcode</p>
<form method="get" action="<?php print $_SERVER[PHP_SELF]; ?>">
<p><input type="text" name="upc" value=""/></p>
<p><input type="submit" value="Search"/></p>
</form>

Hi,
I am developing a web application using PHP and MySQL. I am filling my combobox with the value fetched from the MySQL database. I want to retain the selected value of the combo box in postback. I am able to do it with the statiic values. But in this case I am binding the combbox   dynamically with the values from the database. Can anybody please help me?
Thanks,
Regards,
Viji

I have created a query to show the subject name as a drop down box now I would like to you use value to compare what module available in the database.

For now I can disaplyed all the module that is avilable for all the subject. But i would like to use the drop down box to gather which subject they have chosend then use this information to gather the module

$query=("SELECT Tes_Name FROM User u, Subject s, Test t WHERE u.Use_ID = '{$_SESSION['ID']}'
    
    AND s.Sub_ID=t.Sub_ID

");
<Html>

<?php

session_start();

$Value1 = mysql_real_escape_string(trim($_POST['myselect'])); 

$_SESSION['myselect'] = $Value1;

//echo $Value1;

include '../Database/connection.php';



?>

<body>
<form action="Previousq_Module2.php" method="post">
<?PHP


include '../Database/Module_Exsit.php';


$result=mysql_query($query) or die ("Unable to Make the Query:" . mysql_error() );
echo "<select name=select>";

while($row=mysql_fetch_array($result)){

echo "<OPTION VALUE=".$row['Tes_ID'].">".$row['Tes_Name']."</OPTION>";
}

echo "</select>";

?>

<input type="submit" value="submit"/>
</form>
</body>
</html>

hello,
im using the php mailer, working nicely
but I need to put 3 values in my from fields in subject,
now I have just 1 field
$mail2->Subject = ($_POST['name']);
I need to include  in the subject email, commas and a message,
I tried the following, but not working (noob learning!)

$mail2->Subject = ($_POST['name'] "," $_POST['email'] "," "confirmation mail" );

thank you so much!

I have a form and on each input I set the value as the post variable of it's self.  I do this so that if the user submit the form and it has errors they haven't lost the data they have inputted.  For example

<input name="input1" type="text" value="<?php echo($_POST['input1']); ?>" />

This works fine for text field and textarea's but how do I retain the value of radio boxes and checkboxes?

Hi guys,

I wonder if anyone could help me. I have a string of data pertaining to images that is being passed from an ajax function. It is full of ID:VALUE pairs like this-

title1:something,caption1:blah blah blah,align1:left,width1:100,height1:100,title2:something else,caption2:more blah blah,align2:right,width2:300,height2:100

etc. (The digit after each id relates to the image- a crude way of data stuffing..) I've exploded this string by means of the comma separator into the $field_values array, so that it's now arranged like this-

$field_values[0] = 'title1:something'
$field_values[1] = 'caption1:blah blah blah'
$field_values[2] = 'align1:left'

...etc. With me so far? Right, so now I'm going to extract the id and value from each pair and put it into a new array of $image_data, where the first array key of $image_data is the no. of the image..like this-



            foreach($field_values as $pair){
               if(substr($pair['id'], -1) == '1'){
                  $field_id = substr($pair['id'],0,-1);
                  $image_data[1][$field_id] = $pair['value'];
               }
            }

... And then I'd do the same for all the id:value pairs for image no.2.

HOWEVER... I'd like to speed things up so that when I'm searching the $field_values array for the 2nd and 3rd image ID:VALUE pairs, it's not wasting time by cycling through all the pairs that I've already identified and put into the $image_data array. I thought I could use unset(), but I'm not sure quite how to implement it here.

I hope that my question is intelligible, and that somebody might be able to help me..?


Many Thanks!

Does anyone know why this isn't working?


$body = "
Dear ".if ($row['customertitle'] != '') {echo $row['customertitle'].' '.$row['customerlastname'];} else (echo $row['customerfirstname'];}."
<BR>
This is a test. ".$_SERVER['SERVER_ADDR']."
<BR>
".echo $accessinformation."
";