Jump to content
Larry Ullman's Book Forums

Search the Community

Showing results for tags 'escape'.

  • Search By Tags

    Type tags separated by commas.
  • Search By Author

Content Type


Forums

  • Single Editions
    • Modern Javascript: Develop and Design
    • The Yii Book
    • Effortless Flex 4 Development
    • Building a Web Site with Ajax: Visual QuickProject
    • Ruby: Visual QuickStart Guide
    • C++ Programming: Visual QuickStart Guide
    • C Programming: Visual QuickStart Guide
    • Adobe AIR: Visual QuickPro Guide
  • PHP and MySQL for Dynamic Web Sites: Visual QuickPro Guide
    • PHP and MySQL for Dynamic Web Sites: Visual QuickPro Guide (5th Edition)
    • PHP and MySQL for Dynamic Web Sites: Visual QuickPro Guide (4th Edition)
    • PHP 6 and MySQL 5 for Dynamic Web Sites: Visual QuickPro Guide (3rd Edition)
    • PHP and MySQL for Dynamic Web Sites: Visual QuickPro Guide (2nd Edition)
    • PHP and MySQL for Dynamic Web Sites: Visual QuickPro Guide (1st Edition)
  • PHP for the Web: Visual QuickStart Guide
    • PHP for the Web: Visual QuickStart Guide (5th Edition)
    • PHP for the Web: Visual QuickStart Guide (4th Edition)
    • PHP for the Web: Visual QuickStart Guide (3rd Edition)
    • PHP for the World Wide Web: Visual QuickStart Guide (2nd Edition)
    • PHP for the World Wide Web: Visual QuickStart Guide (1st Edition)
  • Effortless E-commerce with PHP and MySQL
    • Effortless E-Commerce with PHP and MySQL (2nd Edition)
    • Effortless E-Commerce with PHP and MySQL
  • PHP Advanced: Visual QuickPro Guide
    • PHP Advanced and Object-Oriented Programming: Visual QuickPro Guide (3rd Edition)
    • PHP 5 Advanced: Visual QuickPro Guide (2nd Edition)
    • PHP Advanced: Visual QuickPro Guide
  • MySQL: Visual QuickStart Guide
    • MySQL: Visual QuickStart Guide (2nd Edition)
    • MySQL: Visual QuickStart Guide (1st Edition)
  • Other
    • Announcements
    • Newsletter, Blog, and Other Topics
    • Forum Issues
    • Social

Find results in...

Find results that contain...


Date Created

  • Start

    End


Last Updated

  • Start

    End


Filter by number of...

Joined

  • Start

    End


Group


Found 2 results

  1. Hello Forum - hello Larry - - I'm working on a Mac, OS X Version 10.5.8. When I write a quote that contains an apostrophe to quotes.txt file, for example -- I've wasted my hours. - Leonardo da Vinci -- somehow a backslash appears before the apostrophe in the text file, and the same quote inside quotes.txt looks like this: I\'ve wasted my hours. - Leonardo da Vinci When I get the same quote from the text file via php back to the browser in view_quote.php, the backslash is displayed. The backslash also appears before double quotes: \"I've wasted my hours.\" - Leonardo da Vinci Why do backslashes appear, and what can I do to remove them? Thank you! - Dimitri Vorontzov
  2. Hi all, I've created a search page on my website with pagination from the book. If a search is entered with an apostrophe, the first time the search page (and sticky form value) is loaded, it looks fine, but as you click on each of the page links, the apostrophe is escaped again, adding slashes into the form value and the url: Initial search of Mother's Day: http://aqualee.com/n...=Mother%27s+Day After clicking back & forth on the previous/next page links a couple times: http://aqualee.com/new/search.php?keyword=Mother\\\\\\\'s%20Day&s=6&p=2 My best guess is that it's applying htmlspecialchars (for the page title & form value) and/or mysqli_real_escape_string (for the keyword in the url) with each page load, but I can't figure out the logic in how to avoid that while keeping the data safe. This update to my site is my first foray into PHP or SQL, and I have as much experience in programming as a semester in C++ can give you. Here's the relevant code (I think!)... $show_keyword is set and used in the title and form value here // set page title if (isset($_GET['keyword'])) { $show_keyword = htmlspecialchars($_GET['keyword']); } $page_title = 'Search results for '.$show_keyword.' greeting cards by Aqua Lee'; include ('header.html'); // create text form to search with sticky value echo '<form action="search.php" method="GET"> <label>Search: <input type="text" name="keyword" size="20" maxlength="50" value="'.$show_keyword.'" /></label> <input type="submit" value="Search" /></form>'; $search_term is set & escaped here // validate and secure user entry if (!empty($_GET['keyword']) ) { $search_term = mysqli_real_escape_string($dbcon, trim($_GET['keyword']) ); } $search_term is used in the urls where extra slashes show # create pagination links // Make the links to other pages, if necessary. if ($pages > 1) { echo '<br /><p>'; $current_page = ($start/$display) + 1; // If it's not the first page, make a Previous button: if ($current_page != 1) { echo '<a href="search.php?keyword='.$search_term.'&s=' . ($start - $display) . '&p=' . $pages. /*. '&sort=' . $sort . */'">Previous</a> '; } // Make all the numbered pages: for ($i = 1; $i <= $pages; $i++) { if ($i != $current_page) { echo '<a href="search.php?keyword='.$search_term.'&s=' . (($display * ($i - 1))) . '&p=' . $pages./* . '&sort=' . $sort . */'">' . $i . '</a> '; } else { echo $i . ' '; } } // End of FOR loop. // If it's not the last page, make a Next button: if ($current_page != $pages) { echo '<a href="search.php?keyword='.$search_term.'&s=' . ($start + $display) . '&p=' . $pages./* . '&sort=' . $sort . */'">Next</a>'; } echo '</p>'; } Can you tell me where the redundancy is, if that's the problem? Do I even need to escape the form input if I'm just displaying it in the title or in the form? I read about some similar problems with apostrophe, and magic quotes were suggested to be the culprit...they are turned off in my php.ini file. Thanks for taking a look!! -Marilee
×
×
  • Create New...