...

View Full Version : Simple Query Gone Bad :(



macmonkey
01-10-2006, 03:46 AM
ok.. I've been sitting here trying everything under the sun... I've got a simple admin page wheras a user inputs some text into a text area and it gets put in the dbase. when I echo all of my variables just before my sql query they are showing up and everything seems to be fine.

here's the simple query


//get page text
$page_text=$_POST['description'];
$new_mainimage_link = $_POST['new_mainimage_link'];
//update table
$sql="UPDATE pages SET page_text='".$page_text."' WHERE page_id=".$page_id;
get_mysql_result($sql);
$done=true;
echo $sql;

I've got a mysql_connect just before the script as well with die commands and I seem to be connecting to the dbase. so.. what in the world could be wrong?

when I echo the sql query this is what I get:


UPDATE pages SET page_text='

Located in charming, historic Franklin, Tennessee, ****** is a quick 20 minutes south of Nashville. The fifteen blockhistoricdistrict is home to a unique mix of locally-ownedboutiques,restaurants, and attractions and less than 10 minutes from awide rangeof hotels, Cool Springs Galleria, popular restaurant chains,and CivilWar sites.

Access to Main Street in Franklin is via I-65, Highway 96, Hillsboro Road, and Columbia Pike. MAP IT.
' WHERE page_id=6
thanks.

Digger3000
01-10-2006, 03:48 AM
Beause you're echoing ""UPDATE pages SET page_text='".$page_text."' WHERE page_id=".$page_id; "

macmonkey
01-10-2006, 03:49 AM
what?

ralph l mayo
01-10-2006, 03:51 AM
Can you check and see if:

$sql="UPDATE pages SET page_text='".mysql_real_escape_string($page_text)."' WHERE page_id=".$page_id;
works any better?

macmonkey
01-10-2006, 04:06 AM
ralph,

thanks for the tip but no :(..

I DO think that it has something to do with the new lines and possibly spaces in my query. I replaced $page_text with 'test' and it worked.

I'm using a js wysiwyg editor on the textarea which puts a blank line at the top of it's value. I tried urlencode and nl2br but neither worked.

ralph l mayo
01-10-2006, 04:17 AM
mysql_real_escape_string() should get rid of any newline problems and I don't think spaces are ever syntactically important in SQL. I just tried the exact same query with and without the escape, and both methods work fine. Is the column length you have set for page_text possibly too small? Is there something funky going on in get_mysql_result()? Also try adding this after get_mysql_result()

echo mysql_error();

edit: in fact just try swapping get_mysql_result() for mysql_query() and see if that works

macmonkey
01-10-2006, 04:17 AM
the wysiwyg editor in quesiton is HTMLAREA 3. Is there a php function to completely strip any formatting that might be in there?

thanks

macmonkey
01-10-2006, 04:24 AM
The Dbase structure is as follows:

page_id - tinyint(1)
page_name - varchar(25)
page_text - text
page_image - varchar(175)
page_link - varchar(100)

I honestly think it is some formatting with this text editor. I can manually input the text into the query and it works. If I use the text editor it the query comes out looking the same but it doesn't go into the dbase :(.

I'm googling my *** off right now.

ralph l mayo
01-10-2006, 04:32 AM
You can use this before the query:
$page_text = preg_replace('/[^0-9a-zA-Z .,!\?\*-]/', '', $page_text);
it'll delete every character not matched in the brackets.

macmonkey
01-10-2006, 05:02 AM
at this point.. I'm 99.9% confident that something's going on with this WYSIWYG editor.

Here's my page code just for everyone's entertainment.



<?php

function delete_img($img_name)
{
if (is_file("images/".$img_name))
return unlink("images/".$img_name);
}
function upload_homepage_images()
{
$images=Array("mainimage","toprightimage","middlerightimage","bottomrightimage");
$ret="";

foreach ($images as $image)
{
//if a new image was specified, upload it
if ($_FILES["new_".$image]['size'] != 0)
{
$f=$_FILES["new_".$image]['name'];
$filename="images/".$f;

//move uploaded file to destination
if (!move_uploaded_file($_FILES["new_".$image]['tmp_name'],$filename))
{
$err="<BR>Upload for the image failed!";
}
//delete old image
else
{
if (!delete_img($_POST["old_".$image]))
$err.="<BR>Couldn't delete old image '".$_POST["old_".$image]."'!";

$ret.=$f."|";
}
}
else
{
$ret.=$_POST["old_".$image]."|";
}
}

return $ret;
}

function rteSafe($strText)
{
//returns safe code for preloading in the RTE
$tmpString = $strText;

$tmpString=str_replace("\r","",$tmpString);
$tmpString=str_replace("\n","",$tmpString);
$tmpString=addslashes($tmpString);

return $tmpString;
}

require('admin_nav_left.html');

$mode=$_GET["mode"];

//------------- UPDATE PAGE TEXT ----------------//
if ($mode == "submit")
{
$page_id=$_GET["page_id"];

if (intval($page_id) == 7)
{
$f=upload_homepage_images();
}
else
{
//Page Image
if ($_FILES['page_image']['size'] != 0)
{
$f=$_FILES['page_image']['name'];
$filename="images/".$f;

//move uploaded file to destination
if (!move_uploaded_file($_FILES['page_image']['tmp_name'],$filename))
{
$err="Upload for the image failed!";
}
//delete old image
else
{
if (!delete_img($_POST["old_page_image"]))
$err.="Couldn't delete old image!";
}
}
}

//get page text
$page_text=$_POST["description"];
$page_text = preg_replace('/[^0-9a-zA-Z .,!\?\*-]/', '', $page_text);
//update table
$sql="UPDATE pages SET page_text='".$page_text."',page_image='".$f."',page_link='".$_POST["new_mainimage_link"]."' WHERE page_id=".$page_id;
get_mysql_result($sql);
$done=true;
echo mysql_error();
}

$page_id=$_GET['page_id'];

if ($page_id != "")
{
$sql="SELECT * FROM pages WHERE page_id=".$page_id;
//pull existing info from DB
$rs=get_mysql_result($sql);
$page_data=mysql_fetch_array($rs,MYSQL_ASSOC);
?>
<P>
<form name="managePage" action="editPageText.php?mode=submit&page_id=<?=$page_id?>" enctype="multipart/form-data" method="POST">
<table width=85% cellpadding=6 cellspacing=0 border=1 rules="none" bordercolor="#990000" align=center>
<tr><td valign=top align=center bgcolor="#990000" colspan=2><font face="Trebuchet MS, Verdana" style="font-size:14px" color=white><B>Site Content</b></font></td></tr>
<tr><td valign=top align=center bgcolor="#E8E8E8" colspan=2><font face="Trebuchet MS, Verdana" style="font-size:12px" color="#000000"><b><?=strtoupper($page_data["page_name"])?> Page</b></font></td>
</tr>
<?
if ($done and $err == "") {
?>
<tr><td valign=top align=center colspan=2 bgcolor="#FFFFCC"><font face="Trebuchet MS, Verdana" style="font-size:12px" color=green><b>Update successful!</b></font></td></tr>
<?}
else if ($err != "") {
?>
<tr><td valign=top align=center colspan=2 bgcolor="#FFFFCC"><font face="Trebuchet MS, Verdana" style="font-size:12px" color=red><b><?=$err?></b></font></td></tr>
<?}
?>
<tr>
<td align=left valign=top colspan=2>

<!----------------------------- HTML EDITOR --------------------------- -->
<?
//home page (page id = 7) is unique
if ($page_id != "7")
{
?>
<textarea name="description" id="description"></textarea>
<script type="text/javascript">
var config = new HTMLArea.Config(); // create a new configuration object
// having all the default values
config.width = '500px';
config.height = '350px';

// the following replaces the textarea with the given id with a new
// HTMLArea object having the specified configuration
HTMLArea.replace('description', config);
document.getElementById("description").value='<?=stripslashes(rteSafe($page_data["page_text"]))?>';
</script>

<!----------------------------- HTML EDITOR --------------------------- -->
</td>
</tr>
<?
if ($page_data["page_image"] != "")
{?>
<tr><td align=left valign=top><b>Current Page Image:</b></td>
<td align=left valign=top>
<img src="thumb.php?width=100&path=images/<?=$page_data["page_image"]?>">
<input type="hidden" name="old_page_image" value="<?=$page_data["page_image"]?>">
</td>
</tr>
<?
}
?>

<tr><td align=left valign=top><b>New Page Image:</b></td>
<td align=left valign=top><input type="file" name="page_image"></td>
</tr>
<?
}
//deal with home page
else
{
if (strpos($page_data["page_image"],"|") !== false)
{
$images=explode("|",$page_data["page_image"]);
$mainimage=$images[0];
$toprightimage=$images[1];
$middlerightimage=$images[2];
$bottomrightimage=$images[3];
}

if ($mainimage != "")
{?>
<tr><td align=left valign=top><b>Current Main Home Page Image:</b></td>
<td align=left valign=top>
<img src="thumb.php?width=100&path=images/<?=$mainimage?>">
<input type="hidden" name="old_mainimage" value="<?=$mainimage?>">
</td>
</tr>
<?
}
?>
<tr><td align=left valign=top><b>New Main Home Page Image:</b><BR><small>*Note: required size is width 580, height 245</td>
<td align=left valign=top><input type="file" name="new_mainimage"></td>
</tr>
<tr><td align=left valign=top><b>Main Image Product Link:</b></td>
<td align=left valign=top><input type="text" size="50" name="new_mainimage_link" value="<?=$page_data["page_link"]?>"></td>
</tr>
<?
if ($toprightimage != "")
{?>
<tr><td align=left valign=top><b>Current Top Right Image:</b></td>
<td align=left valign=top>
<img src="thumb.php?width=100&path=images/<?=$toprightimage?>">
<input type="hidden" name="old_toprightimage" value="<?=$toprightimage?>">
</td>
</tr>
<?
}
?>
<tr><td align=left valign=top><b>New Top Right Image:</b><BR><small>*Note: required size is width 150, height 177</td>
<td align=left valign=top><input type="file" name="new_toprightimage"></td>
</tr>
<?
if ($middlerightimage != "")
{?>
<tr><td align=left valign=top><b>Current Middle Right Image:</b></td>
<td align=left valign=top>
<img src="thumb.php?width=100&path=images/<?=$middlerightimage?>">
<input type="hidden" name="old_middlerightimage" value="<?=$middlerightimage?>">
</td>
</tr>
<?
}
?>
<tr><td align=left valign=top><b>New Middle Right Image:</b><BR><small>*Note: required size is width 150, height 72</td>
<td align=left valign=top><input type="file" name="new_middlerightimage"></td>
</tr>
<?
if ($bottomrightimage != "")
{?>
<tr><td align=left valign=top><b>Current Bottom Right Image:</b></td>
<td align=left valign=top>
<img src="thumb.php?width=100&path=images/<?=$bottomrightimage?>">
<input type="hidden" name="old_bottomrightimage" value="<?=$bottomrightimage?>">
</td>
</tr>
<?
}
?>
<tr><td align=left valign=top><b>New Bottom Right Image:</b><BR><small>*Note: required size is width 150, height 76</td>
<td align=left valign=top><input type="file" name="new_bottomrightimage"></td>
</tr>
<?
}
?>
<tr><td align=center colspan=2><input type="submit" value="Update"></td></tr>
</table>
</form>

<?
}

require('admin_bottom.html');
?>




Here's where I'm at now:

If I echo the query - the query is in good form and ultimately "should" be going into the dbase. If I simply take this dang text area out of the picture everything works fine.

I went to HTMLArea's forums and HTMLArea 3 has been discontinued.

I've thought about installing a new WYSIWYG but since this text editor is already site-wide I'd love to not have to do that..

any more suggestions?

macmonkey
01-10-2006, 05:27 AM
SO. it turns out that my problem stems from a browser incompatability.

The WYSIWYG doesn't work with Firefox :(. I popped open IE and it worked fine... 2 HOURS LATER!

Anyways thanks for everyones help.

jw

missing-score
01-10-2006, 06:11 AM
You could use FCK Editor (http://www.fckeditor.net/), its about the best one I know of :)



EZ Archive Ads Plugin for vBulletin Copyright 2006 Computer Help Forum