This question already has answers here:
php echoing angle brackets
(4 answers)
Closed 9 years ago.
Example data in my database:
blabla<blabla
I use phpmyadmin and can see that the data has been input successfully.
However when I try to display the data what I get is:
blabla NOT blabla<blabla
In other words, everything after the < symbol does not display.
<?
while ($mouselist_row = mysql_fetch_array($mouselist)) {
$mouselist_commonstrain = mysql_real_escape_string($mouselist_row['Common_Strain']);
echo "$mouselist_commonstrain.";
}
?>
I tried using mysql_real_escape_string.
Is there something in particular needed to display the <?
thanks
You want something like:
echo htmlspecialchars($mouselist_commonstrain);
(It needs to be HTML escaped.)
try this
$mouselist_commonstrain = stripslashes(htmlspecialchars($mouselist_row['Common_Strain']));
Your problem isn't escaping SQL but HTML. As answered in this question you can use htmlspecialchars function.
Related
This question already has answers here:
How do I replace certain parts of my string?
(5 answers)
Closed 6 years ago.
i have a problem.
I want in php to replace all 'blablabla' with 'bla'(because i hate blablabla). Here's my code:
<?php
$string = 'Dracula always says BlaBlaBla but says he never says BlaBlaBla';
$result = answer to replace here
?>
Thanks
Use srt_replace function to do that like this :
str_replace("BlaBlaBla","bla",$string);
You can use something like this:
str_replace("BlaBlaBla","bla",$string)
Also you can find it here in the docs: http://php.net/manual/en/function.str-replace.php
This question already has answers here:
How can I combine two strings together in PHP?
(19 answers)
Closed 7 years ago.
I'm trying to link several variables from a database into html. All the data is stored in the DB, however I can't figure out how to link the variables through HTML. Below is my code that I have tried, but doesn't work properly.
echo 'test';
I know the code works properly if I just do something like this (it does return the name):
echo $row["name"];
So why doesn't it work properly with the + $row["name"] + in it? It works perfect as long as I don't try and add data with the +'s.
Thank you!
this is the correct way to write this
echo 'test';
Use a . in stead of +.
And on a sidenote, if the data in the db isn't yet escaped, also use htmlspecialchars() on $row["name"]
Try like this.
echo "<a href='".$row['name']."'>test</a>";
This question already has answers here:
How do I extract query parameters from a URL string in PHP?
(3 answers)
Closed 8 years ago.
This would be an example:
redirect
dynamic_word can be changed because it is dynamic. When click "redirect", dynamic_word will be extracted. So, how to extract it in redirect.php file ? Thanks !
Use $_GET to get parameters from an URL
<?php
$thatName = $_GET['q'];
echo $thatName;
Result
dynamic_word
If samitha's correct looking answer is incorrect then perhaps you mean you would like to extract the dynamic word from a string.
In that case you could do
<?php
$string = 'http://mywebsite.com/redirect.php&q=dynamic_word';
$ex_stirng = explode('&q=', $string);
$dynamic_word = $ex_string(1);
?>
Or even use the strstr function:
http://www.php.net/manual/en/function.strstr.php
This question already has answers here:
Closed 10 years ago.
Possible Duplicate:
Escaping double quotes in php
In my database, the record is shoing like this is php's code and "called" a special code.
When I am trying to fetch this text from mysql database to my php page, it is showing up to this is php's code and
My code is simple:
$all_gallery_ph_sql = mysql_query("SELECT `path`,`name`,`title`,`details` FROM `gallery` WHERE `status`='1' AND `type`='myreference' AND `enable_status`='1' LIMIT {$startpoint} ,{$limit}");
echo $res['details'];
So how to resolve this issue. Please help me.
Thanks.
You can use htmlentities():
echo htmlentities( $gallerycontent['content'], ENT_QUOTES);
This question already has answers here:
Closed 10 years ago.
Possible Duplicate:
Difference between single quote and double quote string in php
Hey I'm having trouble inserting page content into my database.
I'm trying to store:
<p class=\"heading_large\"><?php echo $Topic2C2A[data]; ?></p>
Using this code:
$sql="UPDATE event SET
data='<p class=\"heading_large\"><?php echo $Topic2C2A[data]; ?></p>'
WHERE id='2'";
But when I look at the table all I see is:
<p class="heading_large"><?php echo ; ?></p>
I've obviously escaped the HTML with slashes, is there something similar I need to do with the PHP so $Topic2C2A[data] is displayed?
I would suggest you write your $sql as:
$sql="UPDATE event SET data='<p class=\"heading_large\">".$Topic2C2A[data]."</p>' WHERE id='2'";
Your issue is related to the fact PHP is processing variables inside " (double) quotes.
You can change quotes to ' (single) or another option is to change $Topic2C2A[data] to \$Topic2C2A[data].
Did you try mysqli_real_escape_string()? It should return a fully escaped String!