BoNfiRe
06-12-2006, 01:58 AM
I was trying to use a tutorial to build a simple news posting thing for my site that was mysql driven.
Now I think it's that strip_slashes(); thingy and I have tried fixing it myself, and all I seem to do is make a pigs ear out of it all :o :D
this is the relevant code (I think lol)
<?
session_start();
include("config.php");
$dbh=mysql_connect ($dbhost, $dbuser, $dbpassword) or die ('I cannot connect to the database because: ' . mysql_error());
mysql_select_db ($dbname,$dbh);
define("DBH",$dbh);
function getPage($field='seoname',$value=''){
$result = mysql_query("SELECT * FROM articles WHERE {$field}='{$value}'", DBH);
$page = mysql_fetch_assoc($result);
return $page;
}
function getPages($field='parent',$value='0'){
$result = mysql_query("SELECT * FROM articles WHERE {$field}='{$value}'", DBH);
$pages = array();
while( $row = mysql_fetch_assoc($result) ){
$pages[$row['id']] = $row;
}
return $pages;
}
function AddPage(){
// $_POST['akey'] = makeKey(10); // Obsolete
unset($_POST['id']);
$_POST['seoname'] = seoname($_POST['title']);
$query = "INSERT INTO articles (".implode(", ",array_keys
($_POST)).") VALUES ('".implode("', '",array_map
("mysql_real_escape_string",$_POST))."')";
mysql_query($query,DBH) or die( mysql_error() );
return mysql_insert_id();
}
function UpdatePage($pid){
$_POST['seoname'] = seoname($_POST['title']);
$query = "UPDATE articles SET ";
foreach($_POST as $field => $value) {
$query .= "$field = '".mysql_real_escape_string ($value)."', ";
}
$query = substr($query, 0, strlen($query)-2)." WHERE id = '{$pid}'";
mysql_query($query,DBH) or die( mysql_error() );
return mysql_affected_rows();
}
function DeletePage($pid){
unset($_POST['step']);
$query = "DELETE FROM articles WHERE id = '{$pid}'";
mysql_query($query,DBH) or die( mysql_error() );
return mysql_affected_rows();
}
function seoname($string){
$string = ltrim($string);
$string = preg_replace( "/ +/", " ", strtolower($string) );
$string = str_replace(' - ', '-', $string);
$string = str_replace(array('-','%',';','/','?',':','@','&','=','+','$',',','#','(',')'), '',
$string);
$search = array(" ", "ä", "ö", "ü","ë","ï","é","è","à","ç",",",);
$replace = array("","ae","oe","ue","e","i","e","e","a","c",",",);
$string = str_replace($search, $replace, $string);
$string = preg_replace("/[^a-z0-9_-]/", "", $string);
$string = strtolower($string);
return urlencode($string);
}
?>
I think it's the bottom bit and have even read some stuff in the php manual but it just looses me and everything I try doesn't seem to make a difference.
Any help is much appreciated
TIA
BoN
Now I think it's that strip_slashes(); thingy and I have tried fixing it myself, and all I seem to do is make a pigs ear out of it all :o :D
this is the relevant code (I think lol)
<?
session_start();
include("config.php");
$dbh=mysql_connect ($dbhost, $dbuser, $dbpassword) or die ('I cannot connect to the database because: ' . mysql_error());
mysql_select_db ($dbname,$dbh);
define("DBH",$dbh);
function getPage($field='seoname',$value=''){
$result = mysql_query("SELECT * FROM articles WHERE {$field}='{$value}'", DBH);
$page = mysql_fetch_assoc($result);
return $page;
}
function getPages($field='parent',$value='0'){
$result = mysql_query("SELECT * FROM articles WHERE {$field}='{$value}'", DBH);
$pages = array();
while( $row = mysql_fetch_assoc($result) ){
$pages[$row['id']] = $row;
}
return $pages;
}
function AddPage(){
// $_POST['akey'] = makeKey(10); // Obsolete
unset($_POST['id']);
$_POST['seoname'] = seoname($_POST['title']);
$query = "INSERT INTO articles (".implode(", ",array_keys
($_POST)).") VALUES ('".implode("', '",array_map
("mysql_real_escape_string",$_POST))."')";
mysql_query($query,DBH) or die( mysql_error() );
return mysql_insert_id();
}
function UpdatePage($pid){
$_POST['seoname'] = seoname($_POST['title']);
$query = "UPDATE articles SET ";
foreach($_POST as $field => $value) {
$query .= "$field = '".mysql_real_escape_string ($value)."', ";
}
$query = substr($query, 0, strlen($query)-2)." WHERE id = '{$pid}'";
mysql_query($query,DBH) or die( mysql_error() );
return mysql_affected_rows();
}
function DeletePage($pid){
unset($_POST['step']);
$query = "DELETE FROM articles WHERE id = '{$pid}'";
mysql_query($query,DBH) or die( mysql_error() );
return mysql_affected_rows();
}
function seoname($string){
$string = ltrim($string);
$string = preg_replace( "/ +/", " ", strtolower($string) );
$string = str_replace(' - ', '-', $string);
$string = str_replace(array('-','%',';','/','?',':','@','&','=','+','$',',','#','(',')'), '',
$string);
$search = array(" ", "ä", "ö", "ü","ë","ï","é","è","à","ç",",",);
$replace = array("","ae","oe","ue","e","i","e","e","a","c",",",);
$string = str_replace($search, $replace, $string);
$string = preg_replace("/[^a-z0-9_-]/", "", $string);
$string = strtolower($string);
return urlencode($string);
}
?>
I think it's the bottom bit and have even read some stuff in the php manual but it just looses me and everything I try doesn't seem to make a difference.
Any help is much appreciated
TIA
BoN