...

View Full Version : queries with apostraphes



boeing747fp
04-25-2004, 01:14 AM
how come you can't use apostraphes in search queries? i have a music artist in the database called Caedmon's Call and it stops at Caedmon and the rest of the query has errors... can this be fixed somehow?

Nightfire
04-25-2004, 01:19 AM
Use addslashes (http://www.php.net/addslashes)? OR if it's going through the url maybe rawurlencode (http://www.php.net/rawurlencode)?

boeing747fp
04-25-2004, 01:21 AM
thanks. addslashes didnt work for me. ill try rawurlencode

raf
04-25-2004, 01:25 AM
thanks. addslashes didnt work for me. ill try rawurlencode
I'm not sure what you are trying to do.

Are you using the artists name inside the where clause of a select?
like


$name = "Jacky O'connor" ;
sql="select var from table where var2='" . $name. "'"; //--> will error
sql="select var from table where var2='" . addslashes($name) . "'" //--> will not error

boeing747fp
04-25-2004, 01:25 AM
didnt work... the query works with addslashes but when i try to send the user a link with the name in it, it doesnt work. not even with rawurlencode

raf
04-25-2004, 01:25 AM
what do you mean by 'doesn't work'

boeing747fp
04-25-2004, 01:27 AM
here's my code
---------------------


<?php
$con = mysql_connect("localhost","user","password");
$dd = mysql_select_db("database",$con);
$sql = "SELECT * FROM `spotlight`";
$result = mysql_query($sql) or die ("Query Problem ".mysql_error());
while($row = mysql_fetch_array($result)){
$artist = addslashes($row[spotlight]);
$spotlight = rawurlencode($row[spotlight]);

$sql2 = "SELECT * FROM `cds` WHERE `artist` = '$artist' ";
$result2 = mysql_query($sql2) or die("Query Problem: ".mysql_error());
while($row = mysql_fetch_array($result2)){
$asin = $row[7];
$theLocation="http://www.amazon.com/exec/obidos/tg/detail/-/$asin/1057thex-20/";
$baseURL="";
preg_match("/^(https?:\/\/)?([^\/]*)(.*)/i", "$theLocation", $matches);
$theDomain = "http://" . $matches[2];
$page = $matches[3];
$fd = fopen($theDomain.$page, "r");
$value = "";
while(!feof($fd)){
$value .= fread($fd, 4096);
}
fclose($fd);
$start= strpos($value, '<b class="price">');
$finish= strpos($value, '</b>');
$length= $finish-$start;
$value=substr($value, $start, $length);
$FinalOutput = preg_replace("/(href=\"?)(\/[^\"\/]+)/", "\\1" . $theDomain . "\\2", $value);
echo "<table width='100%' border='0' cellspacing='0' cellpadding='0'>";
echo "<tr>";
echo "<td align='center' width='23%' rowspan='3'><a class='three3' href='info.php?artist=$spotlight&album=$row[0]'><img src='$row[2]' border=1 width='50' height='49'></a></td>";
echo "<td width='77%'><a class='three3' href='info.php?artist=$spotlight&album=$row[0]'><span class='searchTitle'>$row[1] - $row[0]</span></a></td>";
echo "</tr>";
echo "<tr>";
echo "<td>";
if($row[7] == ""){
echo "<span class='priceStyle'>No Buy Options Yet Available.</span><br><span class='priceStyle2'>$row[5]</span>";
}
else{
echo "<span class='priceStyle2'>Price:</span><span class='priceStyle'> ".substr($FinalOutput,0,24)."</span>";
echo "&nbsp;<a class='three3' href='buy.php?asin=$asin'><img src='buynow.gif' border=0></a>";
}
echo "</td>";
echo "</tr>";
echo "<tr>";
echo "<td height='27'><a class='three3' href='info.php?artist=$spotlight&album=$row[0]'><span class='searchTitle11'>View More Details on This Album</span></a></td>";
echo "</tr>";
echo "</table>";
echo "<hr color='orange' width='95%'>";
}
}
?>
----------------
This is the part that isnt working...
<a class='three3' href='info.php?artist=$spotlight&album=$row[0]'><span class='searchTitle11'>View More Details on This Album</span></a></

Nightfire
04-25-2004, 01:31 AM
I guess you're doing links like


<a href='page.php?whatever=Caedmon's Call'>Caedmon's Call</a>

If you are then you will need to use both htmlentities and urlencode


<a href='page.php?whatever=" . htmlentities(urlencode($variable)) . "'>Caedmon's Call</a>

<edit>
Got posts crossed
</edit>

raf
04-25-2004, 01:38 AM
No. You just need to output valid html and use double quotes for the attribute-values. like

href="info.php?artist=$spotlight&album=$row[0]"

instead of
href='info.php?artist=$spotlight&album=$row[0]'

when you echo them out, this means that
echo "&nbsp;<a class='three3' href='buy.php?asin=$asin'><img src='buynow.gif' border=0></a>";

should be

echo '&nbsp;<a class="three3" href="buy.php?asin=' . $asin . '"><img src="buynow.gif" border=0></a>';

boeing747fp
04-25-2004, 02:19 AM
http://whmx.com/store/spotlight.php <-this is the page im working on... and the section with Albums by Caedmon's Call works as far as the query and the Buy button, but the info page that you click on the album titles, images.



EZ Archive Ads Plugin for vBulletin Copyright 2006 Computer Help Forum