Illegal Characters
Moderator: General Moderators
-
WanamakerStudios
- Forum Commoner
- Posts: 65
- Joined: Thu Nov 30, 2006 7:35 am
Illegal Characters
I am pulling information from a pre-built database that has "illegal" characters in the ID field such as \, ], ^, [, ' and others. How can I ensure that each of these characters is properly encased so I can search against them? As of right now, I am trying to output them into an array and when I hit the \ or ] ... the array function throws an error!
i'm no expert, but i believe you may get some use out of addslashes() and stripslashes(). before you insert or update information in your database tables, send the information through the addslashes() function.
and if you retrieve this information to display on your webpages, use the stripslashes() function.
there's probably plenty more functions you could use or you coulr write your own user defined function with some regex know-how to manipulate the string exactly how you need to. hope this helps. good luck!
Code: Select all
<?php
$string = "@#/%^\>?";
$string = addlsashes($string);
mysql_query("INSERT INTO your_table (your_column) VALUES ('". $string ."')") or die(mysql_error());
?>Code: Select all
<?php
$sql = mysql_query("SELECT * FROM your_table");
$query = mysql_fetch_array($sql);
echo "No more slashes: ". stripslashes($query[your_column]) ."\n";
?>-
WanamakerStudios
- Forum Commoner
- Posts: 65
- Joined: Thu Nov 30, 2006 7:35 am
- Kieran Huggins
- DevNet Master
- Posts: 3635
- Joined: Wed Dec 06, 2006 4:14 pm
- Location: Toronto, Canada
- Contact:
-
WanamakerStudios
- Forum Commoner
- Posts: 65
- Joined: Thu Nov 30, 2006 7:35 am
This is the code that I am trying to run:
And I get the following error messages:
<b>Warning</b>: mysql_fetch_array(): supplied argument is not a valid MySQL result resource in <b>/home/bestcarp/public_html/modules/js/used-car.php</b> on line <b>19</b><br />
<br />
<b>Warning</b>: mysql_fetch_array(): supplied argument is not a valid MySQL result resource in <b>/home/bestcarp/public_html/modules/js/used-car.php</b> on line <b>19</b><br />
<br />
<b>Warning</b>: mysql_fetch_array(): supplied argument is not a valid MySQL result resource in <b>/home/bestcarp/public_html/modules/js/used-car.php</b> on line <b>19</b><br />
Code: Select all
while($array = mysql_fetch_array($query_make)){
$query_makename = search_db("SELECT CDESCRIPTION FROM carparts WHERE BINARY CIDCARP = '$array[CMAKE]'",'used');
$makeid[] = $array[0];
while($array2 = mysql_fetch_array($query_makename)){
$makename[] = $array2[0];
}
}<b>Warning</b>: mysql_fetch_array(): supplied argument is not a valid MySQL result resource in <b>/home/bestcarp/public_html/modules/js/used-car.php</b> on line <b>19</b><br />
<br />
<b>Warning</b>: mysql_fetch_array(): supplied argument is not a valid MySQL result resource in <b>/home/bestcarp/public_html/modules/js/used-car.php</b> on line <b>19</b><br />
<br />
<b>Warning</b>: mysql_fetch_array(): supplied argument is not a valid MySQL result resource in <b>/home/bestcarp/public_html/modules/js/used-car.php</b> on line <b>19</b><br />
- Ollie Saunders
- DevNet Master
- Posts: 3179
- Joined: Tue May 24, 2005 6:01 pm
- Location: UK
Re: Illegal Characters
What is allowed in the ID field? Alphanumerics?WanamakerStudios wrote:I am pulling information from a pre-built database that has "illegal" characters in the ID field such as \, ], ^, [, ' and others. How can I ensure that each of these characters is properly encased so I can search against them? As of right now, I am trying to output them into an array and when I hit the \ or ] ... the array function throws an error!
Sorry boo_lolly, that's not good advice. mysql_real_escape_string() is preferrible over addslashes() and you don't need stripslashes() at all. When you escape quotes (with addslashes or mysql_re...) that action is temporarily marking that quote as part of the string not the end of it, the slashes themselves are not added to the fields in the databases hence stripslashes is unnecessary.i'm no expert, but i believe you may get some use out of addslashes() and stripslashes()
-
WanamakerStudios
- Forum Commoner
- Posts: 65
- Joined: Thu Nov 30, 2006 7:35 am
- Ollie Saunders
- DevNet Master
- Posts: 3179
- Joined: Tue May 24, 2005 6:01 pm
- Location: UK
-
WanamakerStudios
- Forum Commoner
- Posts: 65
- Joined: Thu Nov 30, 2006 7:35 am
Re: Illegal Characters
yeah, i said i was no expert =P, but thanks for the tip ole!ole wrote:What is allowed in the ID field? Alphanumerics?WanamakerStudios wrote:I am pulling information from a pre-built database that has "illegal" characters in the ID field such as \, ], ^, [, ' and others. How can I ensure that each of these characters is properly encased so I can search against them? As of right now, I am trying to output them into an array and when I hit the \ or ] ... the array function throws an error!
Sorry boo_lolly, that's not good advice. mysql_real_escape_string() is preferrible over addslashes() and you don't need stripslashes() at all. When you escape quotes (with addslashes or mysql_re...) that action is temporarily marking that quote as part of the string not the end of it, the slashes themselves are not added to the fields in the databases hence stripslashes is unnecessary.i'm no expert, but i believe you may get some use out of addslashes() and stripslashes()
i think he was answering my question when i asked him to post the value of $query_make...The values are as follows:
AZ
A[
A'
A^
A\
A\
BZ
B[
B]
B'
wanamaker, i didn't mean the printed value. i mean $query_make = mysql_query("???????????") or die(mysql_error());
-
WanamakerStudios
- Forum Commoner
- Posts: 65
- Joined: Thu Nov 30, 2006 7:35 am
My bad ... here ya go ...
Code: Select all
$query_make = search_db("SELECT DISTINCT CMAKE FROM `vehicles-temp`",'used');- RobertGonzalez
- Site Administrator
- Posts: 14293
- Joined: Tue Sep 09, 2003 6:04 pm
- Location: Fremont, CA, USA
Which is it, this one:
or this oneWanamakerStudios wrote:This is the code that I am trying to run:
And I get the following error messages:Code: Select all
while($array = mysql_fetch_array($query_make)){ $query_makename = search_db("SELECT CDESCRIPTION FROM carparts WHERE BINARY CIDCARP = '$array[CMAKE]'",'used'); $makeid[] = $array[0]; while($array2 = mysql_fetch_array($query_makename)){ $makename[] = $array2[0]; } }
<b>Warning</b>: mysql_fetch_array(): supplied argument is not a valid MySQL result resource in <b>/home/bestcarp/public_html/modules/js/used-car.php</b> on line <b>19</b><br />
<br />
<b>Warning</b>: mysql_fetch_array(): supplied argument is not a valid MySQL result resource in <b>/home/bestcarp/public_html/modules/js/used-car.php</b> on line <b>19</b><br />
<br />
<b>Warning</b>: mysql_fetch_array(): supplied argument is not a valid MySQL result resource in <b>/home/bestcarp/public_html/modules/js/used-car.php</b> on line <b>19</b><br />
In the first query, the value $array[CMAKE] may be making your life a little difficult, as the array index should have quotes around them so PHP does not try to interpret it as a constant. That being said, can you run your queries though the error checker (mysql_error()) to see what the database server is telling you about your query? The errors you posted first come from the fast that you are not passing a result resource to mysql_fetch_array(), which expects a result resource. That means your query is borked somewhere. mysql_error() will tell you where.WanamakerStudios wrote:My bad ... here ya go ...
Code: Select all
$query_make = search_db("SELECT DISTINCT CMAKE FROM `vehicles-temp`",'used');
trybtw: this can be done easier and faster with a JOIN statement, see http://www.w3schools.com/sql/sql_join.asp
Code: Select all
error_reporting(E_ALL);
ini_set('display_errors', true);
$query_make = search_db("SELECT DISTINCT CMAKE FROM `vehicles-temp`",'used')
or die(mysql_error().': '.$query_make);
while($array = mysql_fetch_array($query_make)){
$cmake = mysql_real_escape_strring($array[CMAKE]);
$query_makename = search_db("SELECT CDESCRIPTION FROM carparts WHERE BINARY CIDCARP = '$cmale'",'used')
or die(mysql_error().': '.$query_makename);
$makeid[] = $array[0];
while($array2 = mysql_fetch_array($query_makename)){
$makename[] = $array2[0];
}
}
Last edited by volka on Wed Jan 10, 2007 1:27 pm, edited 1 time in total.