Necuima 18 Posted June 9, 2017 Report Share Posted June 9, 2017 Hi Larry, I am progressively updating all my websites to use PDO for database actions rather than escape_data/mySQLi. Can you please recommend the safest way to store HTML links in a database table using PDO. Do they first need to be urlencoded, say, and/or quoted? I have searched via Google but have not found clear guidance (for my aged brain anyway). My code sequence is: 1) create a new PDO 2) create (say) SELECT with placeholders 3) prepare 4) bind parameters and values (one by one for clarity) 5) execute 6) check for successful execution all within a try/catch block then null the PDO. Looking forward to your advice. Cheers from Oz. Quote Link to post Share on other sites
Necuima 18 Posted June 9, 2017 Author Report Share Posted June 9, 2017 My question relates to INSERT and UPDATE operations so my details above might be a bit misleading. For the 'binds' I also append the type specifier, e.g., PDO::PARAM_STR etc. To check for rows affected I add PDO::MYSQL_ATTR_FOUND_ROWS => true to the PDO creation statement. Hope that makes it clearer. Cheers Quote Link to post Share on other sites
Larry 428 Posted June 14, 2017 Report Share Posted June 14, 2017 Could you elaborate on where the HTML links are coming from (how they're being supplied) and the specific format? The safest option is to accept and store the URL and link title as two separate strings and then put them together in HTML using PHP. Quote Link to post Share on other sites
Necuima 18 Posted June 16, 2017 Author Report Share Posted June 16, 2017 Hi Larry, I key the links in in a form - they just refer to a website for a member of a club that I'm the webmaster of. They are just HTML (<a ... etc ) so that if someone clicks the link, they will go to that website. Someone else suggested just storing the link 'as is' in the database but applying htmlentities to it before echo-ing it to the page. Again, thank you for your response and looking forward to your further advice. Cheers Quote Link to post Share on other sites
Larry 428 Posted June 16, 2017 Report Share Posted June 16, 2017 Yeah, I'd just take the URL and the link title as two separate strings, store them as separate strings (without any encoding), and then use PHP to make them as links when needed. Quote Link to post Share on other sites
Necuima 18 Posted June 17, 2017 Author Report Share Posted June 17, 2017 Thanks, Larry. Cheers from Oz. Quote Link to post Share on other sites
Recommended Posts
Join the conversation
You can post now and register later. If you have an account, sign in now to post with your account.
Note: Your post will require moderator approval before it will be visible.