I select a list of names from mysqli database then display row details in display.php with if (isset($_GET['name']));
The link is
$str = strtoupper($str);
echo "<tr><td><a href='php/display.php?name=$str'>$str</a></td></tr>";
This executes correctly unless name contains '(apostrophe).
For instance $str (as input/click) shows as L'ECLIPSE but the <a> link only L'
The result in display.php is 'No data found for your request'
I have found exact same queries on this site but none of the answers have resolved my problem. Perhaps I am not implementing correctly.
I assume this is about escaping. But I know little about it.
<?php
$str = strtoupper($str);
echo "<tr><td><a href='php/display.php?name=".urlencode($str)."'>$str</a></td></tr>";
urlencode() the string first. So you don't get this kind of problems.
Try this code.
<?php
$str = strtoupper($str);
echo "<tr><td><a href='php/display.php?
name=".htmlspecialchars($str)."'>$str</a></td></tr>";
?>
Your Single quote becomes ' ;
I hope it will help
Related
I have a database table that contains these rows, "id" ,"link" and "name"
with link being :
<a href=\"https://www.sample.com/file1.php\">[1-200]< /a> <a href=\"https://www.sample.com/file2.php\">[201-224]< /a>
and name :
item1
I have the following PHP code to get the info from the database and return it to visitors. My problem is that the link for file2.php, is not only applied as hyper link for [201-224], the hyperlink is applied for the rest of the page content also. How do I prevent this? And thanks in advance.
echo "</br> ".$name= $row['name'];
echo "</br> ".$Torrentlink= preg_replace('/\\\\/', '',$row['Torrentlink']);
echo "</br> ";
echo "</br> ";echo "</br> ";
echo "the rest of my text goes here ";
This is a terrible way to handle this type of data. If you know they are all links then you should only be storing the link and the name (of course id and other meta data could be useful). Your current situation allows for too many errors and a maintenance problem for those working behind you. If you do not want to create a record for each link, consider storing them as JSON or some other format.
Example: (Store JSON in DB as VARCHAR)
<?php
//Populate variable from DB
//$TorrentLinks = $row{'Torrentlink'};
$TorrentLinks = '[
{"url":"https://www.sample.com/file1.php","text":"[1-200]"},
{"url":"https://www.sample.com/file2.php","text":"[201-224]"}
]';
//Convert to array
$jsonLinks = json_decode($TorrentLinks,true);
//Iterate and print links
foreach ($jsonLinks as $key => $value) {
echo "{$value["text"]}<br />";
}
Results:
[1-200]
[201-224]
Depending on how you capture the data, you could also use something like htmlspecialchars() to keep the special characters from executing.
I think there's a problem with your preg_replace('/\\\\/', '',$row['Torrentlink']);
/\\\\/ finds text with double backslash \\. It seems that your intention is to find only single backslashes to get rid of them in your links.
So try replacing it with
preg_replace('/\\/', '',$row['Torrentlink']);
For example https://regexr.com/ is a good place to check your regular expressions.
the error was simply the input html text.
the problem was the " < /a> " in the line:
<a href=\"https://www.sample.com/file1.php\">[1-200]< /a> <a href=\"https://www.sample.com/file2.php\">[201-224]< /a>
I had a space before the the backslash.
Help I am stuck with the following Problem and i cant figure this out. I am supposed to do the following in PHP:
Set a variable to the following: “<&¢£¥€©>” and output it as shown to
the browser window.
Here is my code:
<?php
$str = "<&¢£¥€©>"
echo htmlspecialchars($str);
?>
but i keep getting an error.
Missing semicolon
$str = "<&¢£¥€©>"; // <-- missing semicolon
echo htmlspecialchars($str);
Do you mean you want to do something like this?
$str = "<&¢£¥€©>";
echo htmlspecialchars($str);
I am writing an application that will look at a single record, obtain values from about 12 flags (0 or 1), look up those flags against a status table (in MySQL) and return a variable called $status_message which is in that table.
In this table I need to have hyperlinks (working fine) but also echo some variables, i.e.
You have no bids for {{$row->_item_name}}
or
View this item now by clicking here
Now I need item name and the other example to be translated into <?php echo $row->_item_name; ?>
I have tried a preg_replace with the following:
<?php
$find = array('/{{/', '/}}/');
$replace = array('<?php echo ', ' ?>');
echo preg_replace($find, $replace, $status_message);
?>
but this is not working.
Can anyone advise how I can get the desired result and 'echo' the variable in the MySQL field?
Had a brainwave. Much simpler,
instead of $row->_item_name I just put {{itemname}} in the string. I then use the following code:
<?php
$message_buyer = str_replace('{{itemname}}', $row->_item_name , $message_buyer);
echo $message_buyer;
?>
so no need to have <?php calls in the string at all.
I am using adcenter ads, which are as follows-
ads.ad-center.com/offer?prod=101&ref=5030200&q=Keyword
Now i want to replace Keyword in link with post title automatically. i have tried this code, but it return first word from title, code is-
<?php
$title = get_the_title();
echo "<a href=http://ads.ad-center-com/offer?prod=101&ref=5030200&q=$title >Download</a>"
?>
please solve it or tell me other method to add title in link automatically.
Thanks
When you are adding some string in URL remember to encode the string.
$title = urlencode(get_the_title());
echo "<a href='http://ads.ad-center-com/offer?prod=101&ref=5030200&q=$title'>Download</a>";
In your case the value of the href attribute in your a tag must be encapsulated into double quotes, as it can contain spaces. You can escape them like this:
echo "Download";
or you can use the concatenation:
echo 'Download';
I started doing a new project in PHP / MySql . The Aim of this project is to manage articles for a magazine that i am the editor of.
So the content of the articles, i decided i would store with the "TEXT" column type of MySql
Now when i retrieve this column and print it with echo, the newlines are not there. Its all on the same line.
$resset = mysql_query("select txt from articles where id = 1");
$row = mysql_fetch_assoc($resset);
$txt = $row['txt'];
echo $txt; //doesnt print it as it is in the database as it was typed (multiline)
Find below, the text as it looks in the database and as it looks when it is echoed
in the databse, it is with new lines http://img413.imageshack.us/img413/4195/localhostlocalhostzxcvb.jpg
Text as it looks when echod http://img718.imageshack.us/img718/1700/sdashboardmozillafirefo.jpg
But within the database, its stored with newlines.
Has anybody else encountered this problem?
Please help me as my project depends on this :|
Whitespace in HTML is folded into a single space. Use nl2br() if you want to maintain newlines in HTML.
Have you tried
echo $txt."<br/>";
alternatively, you can put your output between <pre> tags:
echo "<pre>";
$resset = mysql_query("select txt from articles where id = 1");
$row = mysql_fetch_assoc($resset);
$txt = $row['txt'];
echo $txt; //doesnt print it as it is in the database as it was typed (multiline)
echo "</pre>";
btw,
echo $txt."<br/>";
may not work since it will just append newline at the end but not within $txt string
I know this isn't part of your question, but if you additionally want new lines in your HTML code but not your presentation, use double quotes with \n. This can help keep the HTML really tidy.
echo "\n";