Help htmlspecialchars is NOT working ??????????
Posted: Tue Oct 10, 2006 9:39 pm
I am using PHP 5 on my XP Pro box with IIS installed and it seems that the htmlspecialchars function has stopped working. whenever data that previously inserted fine into my news table (with html charectors replaced with the standard ones) then when pulled out of the database it did as it was told and returned the data.
now it won't play ball. below is the code:
Data input form that posts to the news verify page:
Now the code on the verify page that outputs the above data into the database for retreival later:
Nothing too fancy just a basic out put these to the database thanks and for some reason it just wont convert them to special chars.
I am also having another error where a page wont show any website addresses that are pulled from a database ie http://www.nzbn.co.nz (and that is just stored as text) then called into the page as in:
<a href="http://$website">$website</a>
very very weird, am waiting on the company who are sponsoring my final project to get their web space available for me to test it online. I have also replaced all of my php 5 files with fresh ones just in case this was a fault.
Thanks all
now it won't play ball. below is the code:
Data input form that posts to the news verify page:
Code: Select all
echo "
<b><h2>Add a News Item to the home page</h2></b>
<form action=\"add_news_verify.php\" method=\"post\">
<b>News Title:</b><br> <input name=\"News_Title\" type=\"text\" size=\"30\"> <br><br>
<b>News Teaser:</b><br> <input name=\"News_Teaser\" type=\"text\" size=\"30\" > <br><br>
<b>News Content (do not include any ' or \" Ensure you encapsulate all text in an initial p tag and at the end
a closing /p tag):</b><br> <textarea name=\"News_Content\" cols=\"90\" rows=\"10\" wrap=\"virtual\"></textarea> <br><br>
<input name=\"submit\" type=\"SUBMIT\" value=\"Add News\">
</form>";Code: Select all
<?php
$News_Title = $_POST['News_Title'];
$News_Teaser = $_POST['News_Teaser'];
$News_Content = htmlspecialchars($_POST['News_Content']);
$query = "INSERT INTO news (News_Title, News_Teaser, News_Content)
VALUES
('$News_Title', '$News_Teaser', '$News_Content')";
$result = mysql_query($query);
if (!$result)
{
$feedback = 'ERROR - database error - you probably didnt include all field values
or there is something else wrong with your data';
echo $feedback;
} // output confirmation that the news is added to the system
else
{
echo "News $News_Title added to the system";
}
?>I am also having another error where a page wont show any website addresses that are pulled from a database ie http://www.nzbn.co.nz (and that is just stored as text) then called into the page as in:
<a href="http://$website">$website</a>
very very weird, am waiting on the company who are sponsoring my final project to get their web space available for me to test it online. I have also replaced all of my php 5 files with fresh ones just in case this was a fault.
Thanks all