|
PHP - Are Quote Marks Required
While playing with some code, I wrote these few lines of script. $_SESSION["favcolor"] = green; echo "Session variable is ". $_SESSION["favcolor"] ;
I tested the code and everything worked fine. I corrected the code $_SESSION["favcolor"] = "green"; But when I tested it, the page would not open/load.
Then I removed the quote marks and restored the line to it's original state $_SESSION["favcolor"] = green; And things worked fine.
Shouldn't the quote marks be required? Similar TutorialsHi all, I have an issue on a form that when it gets submitted a slash '/' appears before every quote symbol. I had help solving the issue on one of the fields (the name field), but then later it was discovered that the slashes appear in all the fields whenever a quote was used (agreed, poor testing). Can someone be so good to help me solve this? My php knowledge is not so great which is exactly why I'm asking here Please see my code below. If this problem can be solved in the same manner as the name field was solved, then there are 2 files which will need the edits. They are below: (some trivial information purposely removed for security reasons) preview.php <div id="card"> <img id="logo" src="logo.jpg" /> <div id="card1"><?php echo stripslashes($_REQUEST['text1']); ?> </div> <div id="card2"><?php echo $_REQUEST['text2']; ?> </div> <div id="card3"><?php echo $_REQUEST['text3']; ?> </div> <?php if($_REQUEST['text4'] != '' && $_REQUEST['text5'] != '') $text = $_REQUEST['text4'].' • '.$_REQUEST['text5']; else $text = $_REQUEST['text4'].$_REQUEST['text5']; ?> <div id="card4"><?php echo $text; ?> </div> <div id="card5"><?php echo $_REQUEST['text6']; ?> </div> </div> second_form.php <?php session_start(); $db_host = 'localhost'; $db_name = ''; $db_user = ''; $db_pass = ''; $admin_email = "admin@aserver.com"; if(isset($_REQUEST['text1'])) $_REQUEST['text1'] = stripslashes($_REQUEST['text1']); $from = 'orders@mycompany.com'; if($_REQUEST['count'] != '50' && $_REQUEST['count'] != '100') { header( 'Location: order.php' ); die(); } $card_number = trim($_REQUEST['card_number']); $card_security = $_REQUEST['card_security']; $card_exp_m = sprintf("%02d",((int)$_REQUEST['car_exm_m'])%100); $card_exp_y = sprintf("%02d",((int)$_REQUEST['car_exm_y'])%100); $count = $_REQUEST['count']; $shipping = 8.65; $price = $shipping; switch($count) { case 50: $price += 25; break; case 100: $price += 38; break; } //$price = 0.01; //$shipping = 0.01; $price = sprintf("%0.2f",$price); $fd_xsd = 'http://***'; $v1_xsd = 'http://***'; $a1_xsd = 'https://***'; //$email_rep = str_replace('@','[at]',$_REQUEST['text4']); $soap = <<<SOAP <SOAP-ENV:Envelope xmlns:SOAP-ENV="http://schemas.xmlsoap.org/soap/envelope/"> <SOAP-ENV:Header /> <SOAP-ENV:Body> <fdggwsapi:FDGGWSApiOrderRequest xmlns:fdggwsapi="$fd_xsd" xmlns:v1="$v1_xsd"> <v1:Transaction> <v1:CreditCardTxType> <v1:Type>sale</v1:Type> </v1:CreditCardTxType> <v1:CreditCardData> <v1:CardNumber>$card_number</v1:CardNumber> <v1:ExpMonth>$card_exp_m</v1:ExpMonth> <v1:ExpYear>$card_exp_y</v1:ExpYear> </v1:CreditCardData> <v1:Payment> <v1:ChargeTotal>$price</v1:ChargeTotal> <v1:Shipping>$shipping</v1:Shipping> </v1:Payment> <v1:Billing> <v1:Name>{$_REQUEST['text1']} - {$_REQUEST['text2']} - {$_REQUEST['text3']}</v1:Name> <v1:Email>{$_REQUEST['text4']}</v1:Email> <v1:Phone>{$_REQUEST['text5']}</v1:Phone> <v1:Address2>{$_REQUEST['text5']}</v1:Address2> <v1:Address1>{$_REQUEST['text6']}</v1:Address1> </v1:Billing> <v1:Shipping> <v1:Name>{$_REQUEST['info_name']}</v1:Name> <v1:Address1>{$_REQUEST['info_street']} {$_REQUEST['info_APT']}</v1:Address1> <v1:City>{$_REQUEST['info_city']}</v1:City> <v1:State>{$_REQUEST['info_state']}</v1:State> <v1:Zip>{$_REQUEST['info_zip']}</v1:Zip> </v1:Shipping> </v1:Transaction> </fdggwsapi:XXXApiOrderRequest> </SOAP-ENV:Body> </SOAP-ENV:Envelope> SOAP; // echo htmlentities($soap); $link = "https://ws.firstdataglobalgateway.com/****"; $store_id = "***"; $user_id = "***"; $pass = "***"; $key_pass = "***"; $uss_pass = ('WS'.$store_id.'***:'.$pass); $path = "/home/hoster/ssl_firstdata/"; $pem_path = $path . "***.pem"; $key_path = $path. "***_.1.key"; $ch = curl_init($link); curl_setopt($ch, CURLOPT_HTTPHEADER, array("Content-Type: text/xml") ); curl_setopt($ch, CURLOPT_HTTPAUTH, CURLAUTH_BASIC);curl_setopt($ch, CURLOPT_USERPWD, $uss_pass); curl_setopt($ch, CURLOPT_POST, 1);curl_setopt($ch, CURLOPT_POSTFIELDS, $soap); curl_setopt($ch, CURLOPT_RETURNTRANSFER, 1); curl_setopt($ch, CURLOPT_SSL_VERIFYPEER, 0); curl_setopt($ch, CURLOPT_SSLCERT, $pem_path);//pem file curl_setopt($ch, CURLOPT_SSLKEY, $key_path); // crt file curl_setopt($ch, CURLOPT_SSLKEYPASSWD, $key_pass); $res = curl_exec($ch); //$xml = simplexml_load_string('<?xml version="1.0" encoding="UTF-8"? >'.$res); $xml = simplexml_load_string('<?xml version="1.0" encoding="UTF-8"?>'.$res); $ch = $xml->children('SOAP-ENV',true);$ch = $ch[1];$ch = $ch->children('fdggwsapi',true);$response = $ch[0]; $orderId = trim((string)$response->OrderId); mysql_connect($db_host , $db_user, $db_pass); if(!mysql_select_db($db_name)) { echo "Create the database please"; exit; } $result = array( 'Order Number' => $orderId, 'errorMessage' => (string)$response->ErrorMessage, 'response' => $res, "\n\nv_name" => $_REQUEST['text1'], 'v_degree' => $_REQUEST['text2'], 'v_graduation' => $_REQUEST['text3'], 'v_email' => $_REQUEST['text4'], 'v_phone' => $_REQUEST['text5'], 'v_address' => $_REQUEST['text6'], "\n\nOrder Details" => "\n", 'v_quantity' => $_REQUEST['count'], 'cost' => ($_REQUEST['count'] == '50' ? '$25.00' : '$38.00'), 'shipping and handling' => '$8.65', 'total price' => ($_REQUEST['count'] == '50' ? '$33.65' : '$46.65'), "\n\nShipping Information" => "\n", 'name' => $_REQUEST['info_name'], 'street' => $_REQUEST['info_street'], 'apt' => $_REQUEST['info_APT'], 'city' => $_REQUEST['info_city'], 'state' => $_REQUEST['info_state'], 'zip' => $_REQUEST['info_zip'] ); if(strlen($orderId) != 0 && strpos((string)$response->ErrorMessage,'database error') === false)//success { $result['success'] = 1; $link = 'order.php?step=3'; $subject = "order submitted"; } else { $result['success'] = 0; $link = 'order.php?step=-3'; $subject = "Error occured while creating order"; } $_SESSION['data'] = $result; $into = array(); $values = array(); foreach($result as $key => $val) { $into[] = "`$key`"; if($key == 'v_quantity') $values[] = addslashes ($val); else $values[] = "'".addslashes($val)."'"; } $query = "INSERT INTO `***`.`orders` (".implode(', ',$into).") VALUES (".implode(', ',$values).");"; require_once "send_mail.php"; $sendTo = array($admin_email,$result['v_email']); send_mails($sendTo,$from,$subject,$result); mysql_query($query); header('Location: '.$link); exit; function render() { global $res,$xml; // var_dump($_REQUEST); // echo $res; // echo htmlentities($res); /* */ var_dump($xml); } ?> I am having a problem with my code and would be grateful if someone could point me in the right direction. Please see my code below:
<?php
$dbcon = mysqli_connect('localhost','user','','videos');
$sql='SELECT * FROM videos';
$result = mysqli_query($dbcon, $sql);
$row = mysqli_fetch_array($result);
$image = $row['image'];
$title = $row['title'];
$description = $row['description'];
echo '<a href="#">
<div class="thumb" style="background-image: url("' . $image . '");"></div>
</a>
</div>
<div class="column-content">
<p class="column-title">Latest Video</p>
<p class="column-heading"><a href="#">' . $title . '</a></p>
<div class="video-description">
<p>' . $description . '</p>'
mysqli_close($dbcon);
?>
Now the connection to the database works, also the title and description is fine too. The problem is with the image. I cannot get it to display and I'm sure it has something to do with the quotation marks but I don't know in what order they should be. If I just use html the code for the image would be : <div class="thumb" style="background-image: url('image.jpg');"></div> with just a single quotation around the image url. Any help would be much appreciated.
Tony So I ran into the most bizarre problem ever on my live server. For some odd reason something, somewhere is adding an extra character after every " mark I have. Now I am using zend framework but this can not be an issue involving them since everything works perfectly on my localhost. I am using 1and1 to host my application but for the love of me I can not narrow this down any more. Ex of my problem, I type this into my text box: "This is a sentence" and it proceeds to saving this: \"This is a sentence\" Something is happening right after I submit my form because if I add the code directly in my database, it displays everything fine. Has any one ever ran into this problem before? Hi everyone, I am having a problem with using quotation marks / apostrophe with php and mysql. If I enter the following lines in mysql. "user's resume" when I do a query from mysql i get back " User\'s resume" it's adding a slash before the apostrophe. How can I fix this ? Thanks. Hello, I have a script coded in PHP and alot of JavaScript and I have problems with languages like Arabic and Hebrew ( non Latin characters) .. It is showed as question marks in the website like this ( ?????????) and in the database .. I converted the SQL Database from Latin Swedish to UTF-8 in phpmyadmin and now the database is correct but the website is still in question marks . In every HTML code you can see this : ........... content="text/html; charset=utf-8"/> and I tried changing the same php pages to UTF-8 using text editors but nothing happened . any help will be great. thanks. Hey, I've created a messaging system for my site and I'm trying to make it so that a copy of the original message is included and automatically put into the message content box when somebody clicks to reply. I've done this literally just by making the "reply" button into a form which also posts the content of the message from the previous page and puts it into the content box. However I have some issues with it: firstly, wherever ' is used, it becomes \' and wherever " is used, the whole of the rest of the message is blanked out. Can anybody point me in the direction of the solutions I might need to make it so that ' and " both appear normally without cutting the rest of the message off? Thanks in advance & let me know if anything is missing! hello, i have this text file attached, and I am currently extracting the data from it. and yeah, I know how..but the problem is the double quotation marks. the last double quotation mark doesn't go away,,,am also aware that trim() only accepts strings. but how come, it does remove the first double quotation mark and leave the 2nd one. here's my script, feel free to download the file and try my script in your own localhost and tell me what's wrong . Thanks in advance $fh = fopen('iso3166.txt','r'); while(!feof($fh)) { $lines = fgets($fh); $parts = explode(",",$lines); print trim($parts[1],'"')."<br />"; } fclose($fh); Hi, I am somewhat new to PHP but I have a little experience. I am having trouble coding this script to set variables with extra quotations and replacing some exploded strings. Here is the script. Code: [Select] <?php $ToCutDown = "[{"parentMessageId":-1,"message":"%3Ca%20href%3D%27%23%27%20class%3D%27standardLink%27%20onclick%3D%27showMobStats%28674542538%29%3B%27%3Eaka%20Bubbles%3C%2Fa%3E%20broadcast%20a%20message%3A%20%3Cfont%20color%3D%27red%27%3E%22Place%20Bounty%20on%20%26quot%3Baka%20Bubbles%26quot%3B%20%28Minimum%20of%20%2418%2C107%2C899%2C000%29%22%3C%2Ffont%3E%2E","id":28152301,""; $Exploded = explode("[{"parentMessageId":-1,"message":"", $ToCutDown); $Exploded = explode(","id":28152301,"", $Exploded[0]); $Exploded = urldecode($Exploded[1]); $StringReplace = str_replace("<a href='#' class='standardLink' onclick='showMobStats(674542538);'>", "", $Exploded); ?> So I'm trying to work with specific strings that have quotation marks in them (Which cannot be removed) & I'm having a hard time using them in variables and in any function that requires you to choose parameters with either ' ' or " ". Any suggestions would be appreciated thanks MOD EDIT: [code] . . . [/code] tags added. Hi all... once again I am trying to re-educate my self into PHP after a long gap. I do not have a problem as such just a question... here is part of my script that doesnot work; <? $sql= "INSERT INTO member ( username, ) VALUES ( \"$_SESSION['nm_username']\", \"$_SESSION['nm_email']\" )"; ?> The above errors because there are single quotation marks in the session variables. When I remove them the script works and the values of the variables seem to be correct! My question is - do I NEED the quotation marks in the variable and if so how should I write the query? Regards Hi All, I have a html form that I can submit using php, which then enters information into a database. This works fine when the text is just standard text - for example "the cat is on the mat". But if I put in "the cat's on the mat" - then the speach mark throws an error up! Is there any way around this? Thanks Matt I embed videos on my site. I submit the embed codes to my database using a form. The codes look like this:
<iframe width="560" height="315" src="//www.youtube.com/embed/xDIgbjDGsOM?rel=0" frameborder="0" allowfullscreen></iframe>Before I submit each code, I have to change its width and height, and I have to add this: &showinfo=0after this: ?rel=0Is there a function that will allow me to do all of that simultaneously? I know about str_ireplace(). It will let me replace ?rel=0 with ?rel=0&showinfo=0, but I don't know how to simultaneously make the other changes. It's not helping that the embed code includes quotation marks. I just finished adding the ability to add Comments after Articles on my website. Now it would be nice if people could Quote other Posts/Comments juts like you can do here on PHPFreaks. The problem is that I have this code to eliminate any security issues with HTML... echo ' <div class="userPost"> <span class="commentDate">Posted on: ' . date('Y-m-d g:ia', strtotime($createdOn)) . '</span> <span class="commentNo">#' . $commentCount . '</span> <p>' . nl2br(htmlentities($comments, ENT_QUOTES)) . '</p> </div>'; Any suggestions to have it both ways? Thanks, Debbie I need some help working out this MySQL query:
I need it to pull a random quote, that hasn't been used before (that's the 'checked' part of the query), and it needs to find it based on a specific category. I am using this alongside PHP with MySQLI Prepared method.
SELECT `id`, `word`, `def` FROM `dictionary` AS `r1` JOIN (SELECT (RAND() * (SELECT MAX(`id`) FROM `dictionary`)) AS `id`) AS `r2` WHERE `r1`.`id` >= `r2`.`id` AND `category`=? AND `checked`=0 ORDER BY `r1`.`id` ASC LIMIT 1This query yields an error stating that the id column is ambiguous. Hi, I'm trying to delete a string that's single quoted. From: Cyto's to Cyto, but doesn't work. It works when I add 's to the string with stripslashes, but I can't seem to delete a quote from a string. Does someone know how? My $_post code: Code: [Select] $name=mysql_real_escape_string(stripslashes($_POST["ename"])); Cheers Hey, I just wondered if someone could help me with this small problem? Here's the code: <?php if($_GET['act'] == "generate_quotes") { $db = mysql_connect("*", "*", "*") or die ("Unable to connect to database."); mysql_select_db("quote") or die ("Unable to select database."); $offset_result = mysql_query( " SELECT FLOOR(RAND() * COUNT(*)) AS `offset` FROM `quote` "); $offset_row = mysql_fetch_object( $offset_result ); $offset = $offset_row->offset; $result = mysql_query( " SELECT * FROM `quote` LIMIT $offset, 1 " ); $fetch = mysql_fetch_array($result); echo "<blockquote>".$fetch['q_quote']; mysql_close($db); } else { echo "<img src=\"1.png\">"; } ?> <a href='gen.php?act=generate_quotes'>Generate</a> Basically what it does is shows an image until a link is clicked, then the image disappears and some quotes are generated in it's place. When you click the link, sure enough, the image disappears and the quotes are read from the database. But after that the link doesn't change the quote. [it's meant to randomly cycle through the quotes in the database]. The quote still changes when refreshing the page, but this link: <a href='gen.php?act=generate_quotes'>Generate</a> does nothing after 'generate_quotes' has been set. any ideas how to fix this? thanks in advance. So I am trying to make my life easier at work. I have this idea that I can automate the sales quote via a simple website. I have the entire product list in MySQL and I can query for the individual catagories etc etc and get them to display. The display shows the SKU, Description, Price, and a third field to select quantity. The issue is that once they select a quantity of a paticular line item I need that line item (sku, description, and price fields) to be carried over to the final quote page where the math is done. Not sure how to key the paticular line item fields off the quantity field. Any ideas greatly appreciated... Code: [Select] <?php $query = "SELECT * FROM tbl_prods WHERE cat = 'fruit'"; $target = mysql_query($query); confirm_query($target); while($row = mysql_fetch_assoc($target)) { ?> <form action="quoter.php" method="POST"> <tr> <td><input name="sku" type="text" value="<?php echo $row[sku]; ?>" size="20" /></td> <td><textarea name="desc" cols="150" rows="2"><?php echo $row[desc]; ?></textarea></td> <td><input name="price" type="text" value="<?php echo $row[price]; ?>" size="20" /></td> <td><input name="quantity" type="text" value="0" size="3" maxlength="2" /></td> </tr> <?php } ?> </table> <input type="hidden" name="cust" value="<?php echo $cust; ?>"></p> <input type="hidden" name="reg" value="<?php echo $region; ?>"></p> <input type="submit" name="submit" value="Submit"></p> </form> If this were an example post in a forum: Code: [Select] $post = '[quote author=james]hello this is a quote[/quote] here is some mor text between the next coming quote [quote author=david]hello this is another quote[/quote]'; What is the best way to replace the [quotes author=x] with opening html tag eg: Code: [Select] <div class="quote"><div class="quoteTitle">author=x</div> And then determine if the next is a [/quote ] is an opener or close quote? And then of course there is the issue of the user deleting a [/quote] or even placing a [/quote] before an open quote... Does anyone know of an example to look at? Good Day everyone. I'm looking at creating a quote calculator, it will be like a form with questions about what the user wants to buy or quote and will give out a number in dollars based on what product the user selects from a drop down list. Example: What sandwich would you like to buy? (List Items) Price:(prices will be echo here). 1. Roast beef 2. Chicken 3. vegetable 4. Fish Now if the user selects Roast Beef, the price of the Roast Beef sandwich will be echo or printed. What would you like on your sandwich? (Check boxes must be use because user may need more then one condiment added.) 1. Ketchup 2. Cheese 3. Mustard 4. Lettuce Now if the user add ketchup, Cheese, ect, the price will add to the price of the sandwich and echo a total. Would you like a drink with your order? Again check boxes, user can select more then one drink, price added and totaled. 1. Diet Coke 2. Sprite 3. Root Beer 4. Mountain Dew. Also I need to be able to change the prices of each product in the script. The user does not see the price. The price only becomes visible when the item selected and added to the total. I would like to do this myself but novice to php, I have never done this kind of script befor and have been searching for tutorials and other resources but nothing close to this. Does anybody know where I can find an example, tutorials? Thanks everyone. IC Hi, I am trying to send input Don't, can't or anything else which contains '. But Ajax sends it like: t_name=Don%27t&_=1589636831048 and then I got an error while trying to insert to mysql. I only have problem with '. I tried lots of thing but something is missing. I couldn't figure it out. Could somebody help me? My Ajax:
var t_name = document.getElementById(mydiv).value;
$.ajax(
{
type: "GET",
url: './api/objects/add.php',
async:false,
cache:false,
contentType: "application/x-www-form-urlencoded;charset=ISO-8859-1",
dataType: 'json',
data: {
t_tsk: id,
t_name: t_name
},
success: function (result) {
},
error: function(xhr, status, error) {
document.getElementById("errorDiv").hidden = false;
if (xhr.responseText) {
} else {
}
}
});
My url when I write don't to input area: /add.php?t_tsk=1&t_name=Don%27t&_=1589636831048 My php code:
<?php
// include database and object files
include_once '../config/database.php';
include_once '../objects/myObject.php';
// get database connection
$database = new Database();
$db = $database->getConnection();
$myObject = new MyObject($db);
$myObject->t_id = isset($_GET['t_tsk']) ? $_GET['t_tsk'] : die();
$myObject->name = isset($_GET['t_name']) ? utf8_decode($_GET['t_name']) : die();
if($myObject->create()){
http_response_code(200);
$myObject_arr=array(
"status" => true,
"message" => "Successfully created!",
"id" => $myObject->id,
"name" => $myObject->name
);
}
else{
http_response_code(401);
$myObject_arr=array(
"status" => false,
"message" => "Error!"
);
}
print_r(json_encode($myObject_arr));
?>
Thank you all. |
|||||||