Hi,
i'm newbie with UD and PHakt. I'm able to connect, to insert to modify any fields, number or text...but except when in my text there's a quote: like in "John's book".
What do i have to do ? I don't know any word off PHP, but it seems to be not needed?...
I think it's some misconfiguration off my PHakt or something.
May you help me?
Thanks a lot

leForban

Sorry I missed your post, otherwise I would have replied sooner.

There are always potential problems with any DB when you are including quotation marks and the like in your data.

Normally what you would do is use the PHP function addslashes() to insert an escape string ( \ ) before any character that is 'reserved' or has special usage, when you are in fact inserting the data.

The fact that you already have a DB with these characters in means that unfortunately you will have to go through your data and escape it.

So for example, "John's Book" will become "John\'s Book".

It's a pain, I know, but when you use the standard UD methods for entering this data into your DB you shouldn't have this problem.

Hope this helps.

Tim Green

Extension & PHP TalkZone Manager
<font size=1>-------------------------------------------
<i>Please read the Forum FAQ before posting
a question to this TalkZone.</i>
-------------------------------------------
www.UDzone.com : A dynamic Dreamweaver,
Ultradev and Fireworks site for developers
by developers.
-------------------------------------------</font id=size1>

Okay,

but what if you have text with quotes like in: <b>pc's</b>
in your database and for some reason the output on your screen gets: <b>pc\'s</b>

How to prevent that from happening?

Gompy.

try the command stripslashes...

Regs


leForban

And you can implement that command with great simplicity.

If you drag and drop your column to the point on the page where you want the information to appear, and then look in the data binding palette, you will see a couple of drop down menus.

The furthermost right dropdown contains a list of all the Server Formats avalable.

Go to the Strings Menu, and find the Strip Slashed entry. Select it, and the stripslashes function will be automatically placed in your code where required.

Hope this helps.

Tim Green

Extension & PHP TalkZone Manager
<font size=1>-------------------------------------------
<i>Please read the Forum FAQ before posting
a question to this TalkZone.</i>
-------------------------------------------
www.UDzone.com : A dynamic Dreamweaver,
Ultradev and Fireworks site for developers
by developers.
-------------------------------------------</font id=size1>

Wow, thanks... I just figured it out by adding the code manually, I didn't even know about these drop down menus and it has solved a number of other questions that I had, great!

Gompy.

<BLOCKQUOTE id=quote><font size=1 face="Verdana, Arial, Helvetica" id=quote>quote:<hr height=1 noshade id=quote>It's a pain, I know, but when you use the standard UD methods for entering this data into your DB you shouldn't have this problem.<hr height=1 noshade id=quote></BLOCKQUOTE id=quote></font id=quote><font face="Verdana, Arial, Helvetica" size=2 id=quote>

I have this problem while trying to insert records. I've tracked it down to a mediumtext field. Whenever someone enters a ' or " or almost any special char I get a SQL error when trying to insert the record. Is there a way to use addslashes() whithout modifing the code? UD somethimes has a problem when you modify it's code?

Stephen Cox
web.net geek for nonprofits and political campaigns.

There is a very very useful option in PHP that will do that for you transparently.

When a form is submitted, all the data are automagically addslashed...

It is here :

magic_quotes_gpc = On

then you won't never have to take ' or " in account.

But use this carefully, because, the values are MODIFIED and therefore are not the exact content the user entered.

Bruno

"First they laugh at you, then they fight you, then you Win..." Ghandi

I found a way...
In the PHP code inserted by PHAkt in your UD page, search for :
else if ($delim == "'"
{ // do not escape quotes in PHP4
$formVal = "'" .$formVal . "'";

And then replace $formVal = "'" .$formVal . "'";

by $formVal = "'" . str_replace("'","\'",$formVal) . "'";

After that don't tuch any more to your "insert" or "update" behavior...it will be replaced again by PHakt by a new one...

Hope this help.
Regards,



leForban

<BLOCKQUOTE id=quote><font size=1 face="Verdana, Arial, Helvetica" id=quote>quote:<hr height=1 noshade id=quote>
magic_quotes_gpc = On<hr height=1 noshade id=quote></BLOCKQUOTE id=quote></font id=quote><font face="Verdana, Arial, Helvetica" size=2 id=quote>

Ahhh... that explains why our local (test) server worked and the online didn't. I realized this morning that the PHP setups has to be different. Does turning magic_qoute on online present a security hole?

I'll try the other fix today and post my results here. I'd prefer not to have to turn on magic_qoutes online- due to security problem I've been hearing about.

Stephen Cox
web.net geek for nonprofits and political campaigns.

If turning magic quotes causes you concern (which it shouldn't as strictly speaking this is the default setting when you install PHP) you can implicitly turn it on and off for each page that requires it using the PHP ini_set command.

To turn it on use :-
&lt;?php
ini_set("magic_quotes_gpc",1);
?&gt;

and to turn it off use :-
&lt;?php
ini_set("magic_quotes_gpc",0);
?&gt;

Put the first code block at the very top of your page, and the second code block at the very end of your page.

Hope this helps.

Tim Green

Extension & PHP TalkZone Manager
<font size=1>-------------------------------------------
<i>Please read the Forum FAQ before posting
a question to this TalkZone.</i>
-------------------------------------------
www.UDzone.com : A dynamic Dreamweaver,
Ultradev and Fireworks site for developers
by developers.
-------------------------------------------</font id=size1>

Edited by - rawveg on 09/16/2001 04:27:45

Thanks Tim. How you'd get so good at this anyway? <img src=../images/dmxzone/forum/icon_smile.gif border=0 align=middle>

Stephen Cox
web.net geek for nonprofits and political campaigns.

Many years of practice Stephen working 20 hour days for NPOs with very small budgets <img src=../images/dmxzone/forum/icon_smile_wink.gif border=0 align=middle>

Tim Green

Extension & PHP TalkZone Manager
<font size=1>-------------------------------------------
<i>Please read the Forum FAQ before posting
a question to this TalkZone.</i>
-------------------------------------------
www.UDzone.com : A dynamic Dreamweaver,
Ultradev and Fireworks site for developers
by developers.
-------------------------------------------</font id=size1>

Edited by - rawveg on 09/16/2001 14:56:33