PHP programming forum. Ask questions or help people concerning PHP code. Don't understand a function? Need help implementing a class? Don't understand a class? Here is where to ask. Remember to do your homework!
Moderator: General Moderators
n00b Saibot
DevNet Resident
Posts: 1452 Joined: Fri Dec 24, 2004 2:59 am
Location: Lucknow, UP, India
Contact:
Post
by n00b Saibot » Mon Nov 07, 2005 11:11 am
I have a form like this
Code: Select all
<form action="<?php echo SELF ?>?op=<?php echo $op ?>&id=<?php echo $id ?>" method="post" enctype="multipart/form-data">
...
<input type="text" name="title" value="<?php echo clean($Title) ?>" size="57" />
...
<textarea name="article" cols="50" rows="10"><?php echo clean($Article) ?></textarea>
...
</form>
I observed a peculiar behavior today that whenever the textarea contained the
’ (Smart-Quote) then the post array would be missing the title key. Also when I removed either the smart-quote or the enctype attribute, thing would get working allright.My last whole hour went into this trifle. What I would like to know is that is this thing a known bug or it has happened to me only
ambivalent
Forum Contributor
Posts: 173 Joined: Thu Apr 14, 2005 8:58 pm
Location: Toronto, ON
Post
by ambivalent » Mon Nov 07, 2005 12:24 pm
Could it be related to
this ? Or
this ?
n00b Saibot
DevNet Resident
Posts: 1452 Joined: Fri Dec 24, 2004 2:59 am
Location: Lucknow, UP, India
Contact:
Post
by n00b Saibot » Tue Nov 08, 2005 12:15 am
I have seen both of them. it's not the apostrophe, it is the smart-quote here which is causing problem and this problem is not mentioned in both places so I guess this could be a rather new bug. Maybe I should file a new bug... whatsay
feyd
Neighborhood Spidermoddy
Posts: 31559 Joined: Mon Mar 29, 2004 3:24 pm
Location: Bothell, Washington, USA
Post
by feyd » Tue Nov 08, 2005 12:40 am
methinks it's not a bug with php specfically... since you were able to post the smart-quote here.. but there are many variables.. and you haven't shown all your code...
n00b Saibot
DevNet Resident
Posts: 1452 Joined: Fri Dec 24, 2004 2:59 am
Location: Lucknow, UP, India
Contact:
Post
by n00b Saibot » Tue Nov 08, 2005 1:00 am
I wrote: Also when I removed either the smart-quote or the enctype attribute, thing would get working allright.
how would you explain this...
if reqd i'll post my code
s.dot
Tranquility In Moderation
Posts: 5001 Joined: Sun Feb 06, 2005 7:18 pm
Location: Indiana
Post
by s.dot » Tue Nov 08, 2005 1:08 am
id say post the code that you're passing the input through, then post a print_r of $_POST
Set Search Time - A google chrome extension. When you search only results from the past year (or set time period) are displayed. Helps tremendously when using new technologies to avoid outdated results.
n00b Saibot
DevNet Resident
Posts: 1452 Joined: Fri Dec 24, 2004 2:59 am
Location: Lucknow, UP, India
Contact:
Post
by n00b Saibot » Tue Nov 08, 2005 3:36 am
Ok. here is the page code... minus validation part...
Code: Select all
<?
$PATH = include('../relpath.php');
require_once $PATH.'lib/inc/tpl_secure.php';
require_once $PATH.'lib/inc/handlers.php';
includeClasses('movies', 'previews', 'reviews', 'musicreviews', 'trailers');
$Title = '';
$Cast = '';
$Director = '';
$Producer = '';
$Music = '';
$Preview = '';
$Review = '';
$MReview = '';
$Trailer = '';
$Path = '';
$Rel_Date = '';
$Exp_Date = '';
$Area = '';
$FORMOK = TRUE;
// instantiate movies class
$Movies = new MOVIES();
// check for id
if ($id) $Movies->setMoviesID((int)($id)); // assign unique id
dump($_POST);
dump($_FILES);
if (isset($_POST["title"])) // if form was posted
{
// assign page variables
$Title = clean($_POST["title"]);
$Cast = clean($_POST["cast"]);
$Director = clean($_POST['dir']);
$Producer = clean($_POST['prod']);
$Music = clean($_POST['music']);
$Preview = clean($_POST['preview']);
$Review = clean($_POST['review']);
$MReview = clean($_POST['mreview']);
$Trailer = isset($_POST['trailer'])?clean($_POST['trailer']):'';
$Rel_Date = clean($_POST["rel_mm"]).'/'.clean($_POST["rel_dd"]).'/'.clean($_POST["rel_yy"]);
$Exp_Date = $_POST["exp_mm"]=='-'?NULL:clean($_POST["exp_mm"]).'/'.clean($_POST["exp_dd"]).'/'.clean($_POST["exp_yy"]);
$Area = clean($_POST['area']);
//....
//validate & process form
//....
startSecurePage(ucfirst($op).' Movie');
writeErrors();
?>
<form action="<? echo SELF ?>?op=<? echo $op ?>&id=<? echo $id ?>" method="post" enctype="multipart/form-data">
<table cellpadding="0" cellspacing="0" width="80%">
<tr>
<td class="rowHeadRt">Title</td>
<td class="left" colspan="2"><input type="text" name="title" value="<? echo clean($Title) ?>" size="57" /></td>
</tr>
<tr>
<td class="rowHeadRt">Cast</td>
<td class="left" colspan="2"><input type="text" name="cast" value="<? echo clean($Cast) ?>" size="57" /></td>
</tr>
<tr>
<td class="rowHeadRt">Director</td>
<td class="left" colspan="2"><input type="text" name="dir" value="<? echo clean($Director) ?>" size="57" /></td>
</tr>
<tr>
<td class="rowHeadRt">Producer</td>
<td class="left" colspan="2"><input type="text" name="prod" value="<? echo clean($Producer) ?>" size="57" /></td>
</tr>
<tr>
<td class="rowHeadRt" nowrap>Music Director</td>
<td class="left" colspan="2"><input type="text" name="music" value="<? echo clean($Music) ?>" size="57" /></td>
</tr>
<tr>
<td class="rowHeadRt" nowrap>Preview Article</td>
<td class="left" colspan="2">
<? if ($op=='add') {?>
<textarea name="preview" cols="50" rows="10"><? echo clean($Preview) ?></textarea>
<?} else writeSelect($PreviewARGS) ?>
</td>
</tr>
<tr>
<td class="rowHeadRt" nowrap>Review Article</td>
<td class="left" colspan="2">
<? if ($op=='add') {?>
<textarea name="review" cols="50" rows="10"><? echo clean($Review) ?></textarea>
<?} else writeSelect($ReviewARGS) ?>
</td>
</tr>
<tr>
<td class="rowHeadRt">Music Review Article</td>
<td class="left" colspan="2">
<? if ($op=='add') {?>
<textarea name="mreview" cols="50" rows="10"><? echo clean($MReview) ?></textarea>
<?} else writeSelect($MReviewARGS) ?>
</td>
</tr>
<tr>
<td class="rowHeadRt">Trailer</td>
<td class="left" colspan="2">
<? if ($op=='add') {?>
<input type="file" name="movie_trailer" size="45" /></td>
<?} else writeSelect($TrailerARGS) ?>
</td>
</tr>
<tr>
<td class="rowHeadRt">Image</td>
<td class="left" width="60%"><input type="file" name="movie_pic" onchange="change(this.value)" /></td>
<td class="left" rowspan="4"><img style="border:1px solid black" <?echo $Path==''?'':"src=\"http://media01/ramarkz/moviez/$Path\" " ?>id="imgPreview" width="90" height="75">
<? echo ' <font size="1" id="PicText">'.($Path==''?'No Image':'Current Image').'</font>' ?>
</td>
</tr>
<tr>
<td class="rowHeadRt" nowrap>Release Date</td>
<td class="left"><? writeDateSelect('rel_', $Rel_Date) ?></td>
</tr>
<tr>
<td class="rowHeadRt" nowrap>Expire Date</td>
<td class="left"><? writeDateSelect('exp_', $Exp_Date) ?></td>
</tr>
<tr>
<td class="rowHeadRt">Area</td>
<td class="left">
<input name="area" type="radio" value="bollywood" <? echo ($Area == 'bollywood' || $Area == ''?' checked': '') ?>>
Bollywood
<input name="area" type="radio" value="tollywood" <? echo ($Area == 'tollywood'?' checked': '') ?>>
Tollywood</td>
</tr>
<tr>
<td colspan="3"><input type="submit" value="<? echo ucfirst($op) ?> Movie" class="btn" /></td>
</tr>
</table>
</form>
<script>
Pic = document.getElementById("imgPreview");
Text = document.getElementById("PicText");
Orig = "<? echo $Path ?>";
function change(Path)
{
if(Path=="")
{
Pic.src = Orig;
Text.innerText = "Current Image";
}
else
{
Pic.src = Path;
Text.innerText = "New Image";
}
}
</script>
<? endSecurePage() ?>
here is the input...
Code: Select all
[title] => The Matrix
[cast] => Keanu Reeves
[dir] => Can't Remember
[prod] => Can't Remember
[music] => Can't Remember
[preview] => It's a good movie...
[review] => It really rocks...
[mreview] => One Flew Over the Cuckoo’s Nest
[rel_mm] => 11
[rel_dd] => 8
[rel_yy] => 2005
[exp_mm] => 11
[exp_dd] => 8
[exp_yy] => 2005
[area] => bollywood
[movie_trailer] => <empty>
[movie_pic] => <empty>
here is the result...
Code: Select all
[cast] => Keanu Reeves
[dir] => Can\'t Remember
[prod] => Can\'t Remember
[music] => Can\'t Remember
[preview] => It\'s a good movie...
[review] => It really rocks...
[mreview] => One Flew Over the Cuckoo’s Nest
[rel_mm] => 11
[rel_dd] => 8
[rel_yy] => 2005
[exp_mm] => 11
[exp_dd] => 8
[exp_yy] => 2005
[area] => bollywood
[movie_trailer] => Array
(
[name] =>
[type] =>
[tmp_name] =>
[error] => 4
[size] => 0
)
[movie_pic] => Array
(
[name] =>
[type] =>
[tmp_name] =>
[error] => 4
[size] => 0
)
you can see that apostrophes are excaped correctly but the smart-quote has been not... and the title key is missing
Last edited by
n00b Saibot on Tue Nov 08, 2005 8:21 am, edited 2 times in total.
feyd
Neighborhood Spidermoddy
Posts: 31559 Joined: Mon Mar 29, 2004 3:24 pm
Location: Bothell, Washington, USA
Post
by feyd » Tue Nov 08, 2005 8:05 am
where's your input and result output's coming from? And why don't the inputs and result's match?
n00b Saibot
DevNet Resident
Posts: 1452 Joined: Fri Dec 24, 2004 2:59 am
Location: Lucknow, UP, India
Contact:
Post
by n00b Saibot » Tue Nov 08, 2005 8:16 am
the input is what i typed manually into the fields, the output is what comes out from dump()s at lines 28-29
wonder what happened to the PHP & CODE fonts
n00b Saibot
DevNet Resident
Posts: 1452 Joined: Fri Dec 24, 2004 2:59 am
Location: Lucknow, UP, India
Contact:
Post
by n00b Saibot » Tue Nov 08, 2005 8:27 am
oops! i was first sending the input without the change which i posted here... i have changed it now. the input and output are exactly the same except the missing title key...
n00b Saibot
DevNet Resident
Posts: 1452 Joined: Fri Dec 24, 2004 2:59 am
Location: Lucknow, UP, India
Contact:
Post
by n00b Saibot » Tue Nov 08, 2005 9:03 am
it says both $HTTP_RAW_POST_DATA
and php://input are empty in case of "multipart/form-data" aaaargh!
so i guess it is an old problem
.... i gonna shoot an email to client telling him he dare not enter any smart-quote into that textarea
feyd
Neighborhood Spidermoddy
Posts: 31559 Joined: Mon Mar 29, 2004 3:24 pm
Location: Bothell, Washington, USA
Post
by feyd » Tue Nov 08, 2005 9:50 am
well.... could have the file uploads on a separate "attachment" page...