Need Help with Code

PHP programming forum. Ask questions or help people concerning PHP code. Don't understand a function? Need help implementing a class? Don't understand a class? Here is where to ask. Remember to do your homework!

Moderator: General Moderators

Post Reply
macbeth
Forum Newbie
Posts: 9
Joined: Fri Apr 24, 2009 9:27 am

Need Help with Code

Post by macbeth »

I am trying to get data into an Oracle database using PhP 4. I am having problems with the apostrophe (') that appears in some names (e.g., O'Dell). I keep getting the following error:

ociparse(): OCIParse: ORA-01756: quoted string not properly terminated

I would appreciate any help I could get with this. I have been trying to figure this out for way too long.

Here is my code:

Code: Select all

<?php
$Title = $_POST["Title"];
$FNAME = $_POST["FNAME"];
$LNAME = $_POST["LNAME"];
$SUID = $_POST["SUID"];
$EMAIL = $_POST["EMAIL"];
$DEPT = $_POST["DEPT"];
$PHONE = $_POST["PHONE"];
$ADDRESS = $_POST["ADDRESS"];
$FIRSTYR = $_POST["FIRSTYR"];
$SSIZE = $_POST["SSIZE"];
$STYPE = $_POST["STYPE"];
$PARTICIPATE = $_POST["PARTICIPATE"];
$ATTEND = $_POST["ATTEND"];
$GUESTS = $_POST["GUESTS"];
$session = $_POST["session"];
 
$toaddress = "123@abc";
$subject = $Title;
$mailcontent .= " Name: $FNAME $LNAME\n";
$mailcontent .= " SUID: $SUID\n";
$mailcontent .= " Email: $EMAIL\n";
$mailcontent .= " Dept: $DEPT\n";
$mailcontent .= " Phone: $PHONE\n";
$mailcontent .= " Campus Address: $ADDRESS\n\n";
$mailcontent .= " Frist Year: $FIRSTYR\n\n";
$mailcontent .= " Shirt Size: $SSIZE\n";
$mailcontent .= " Shirt Type: $STYPE\n\n";
$mailcontent .= " How Particptating: $PARTICIPATE\n\n";
$mailcontent .= " Attend Supper: $ATTEND\n";
$mailcontent .= " No. Guests: $GUESTS\n";
 
$fromaddress = "From: " . $EMAIL;
 
mail($toaddress, $subject, $mailcontent, $fromaddress);
 
$user = "xxx";
$pass = "xxx";
$db = "xxx";
$dt = date("Y-m-d");
$conn = ocilogon($user, $pass, $db);
$sql = "INSERT INTO MAINEVENT (FNAME, LNAME, SUID, EMAIL, DEPT, PHONE, ADDRESS, FIRSTYR, SSIZE, STYPE, PARTICIPATE, ATTEND, GUESTS) VALUES ('$FNAME', '$LNAME', '$SUID', '$EMAIL', '$DEPT', '$PHONE', '$ADDRESS', '$FIRSTYR', '$SSIZE', '$STYPE', '$PARTICIPATE', '$ATTEND', '$GUESTS')";
$stmt = ociparse($conn, $sql);
ociexecute($stmt)or die("Unable to execute query\n");
?>
Thanks in advance.
Last edited by Benjamin on Mon Apr 27, 2009 10:09 am, edited 1 time in total.
Reason: Added code tags, type = php.
User avatar
jayshields
DevNet Resident
Posts: 1912
Joined: Mon Aug 22, 2005 12:11 pm
Location: Leeds/Manchester, England

Re: Need Help with Code

Post by jayshields »

Use something like addslashes() on the string containing the apostrophe, before putting it into the query. When you retrieve the strings, use stripslashes().
Cryophallion
Forum Newbie
Posts: 10
Joined: Fri Apr 24, 2009 9:05 am

Re: Need Help with Code

Post by Cryophallion »

Use addslashes: http://us2.php.net/manual/en/function.addslashes.php
then, strip then for output using stripslashes: http://us2.php.net/manual/en/function.stripslashes.php

to apply to your code:

Code: Select all

<?php
$Title = $_POST["Title"];
$FNAME = $_POST["FNAME"];
$LNAME = $_POST["LNAME"];
would be

Code: Select all

<?php
$Title = addslashes($_POST['Title']);
$FNAME = addslashes($_POST['FNAME']);
$LNAME = addslashes($_POST['LNAME']);
and to show again:

Code: Select all

 
echo stripslashes($Title);
 
You should use single quotes for arrays, btw.
macbeth
Forum Newbie
Posts: 9
Joined: Fri Apr 24, 2009 9:27 am

Re: Need Help with Code

Post by macbeth »

I tried it with the addslashes command and I am getting this error:

Warning: ociparse(): OCIParse: ORA-01756: quoted string not properly terminated in /xxx on line 44

Warning: ociexecute(): supplied argument is not a valid OCI8-Statement resource in /xxx on line 45
Unable to execute query


I altered my code to include single quotes in arrays:

Code: Select all

<?php
$Title = $_POST['Title'];
$FNAME = $_POST['FNAME'];
$LNAME = addslashes($_POST['LNAME']);
$SUID = $_POST['SUID'];
$EMAIL = $_POST['EMAIL'];
$DEPT = $_POST['DEPT'];
$PHONE = $_POST['PHONE'];
$ADDRESS = $_POST['ADDRESS'];
$FIRSTYR = $_POST['FIRSTYR'];
$SSIZE = $_POST['SSIZE'];
$STYPE = $_POST['STYPE'];
$PARTICIPATE = $_POST['PARTICIPATE'];
$ATTEND = $_POST['ATTEND'];
$GUESTS = $_POST['GUESTS'];
$session = $_POST['session'];
 
$toaddress = "123@abc";
$subject = $Title;
$mailcontent .= " Name: $FNAME $LNAME\n";
$mailcontent .= " SUID: $SUID\n";
$mailcontent .= " Email: $EMAIL\n";
$mailcontent .= " Dept: $DEPT\n";
$mailcontent .= " Phone: $PHONE\n";
$mailcontent .= " Campus Address: $ADDRESS\n\n";
$mailcontent .= " Frist Year: $FIRSTYR\n\n";
$mailcontent .= " Shirt Size: $SSIZE\n";
$mailcontent .= " Shirt Type: $STYPE\n\n";
$mailcontent .= " How Particptating: $PARTICIPATE\n\n";
$mailcontent .= " Attend Supper: $ATTEND\n";
$mailcontent .= " No. Guests: $GUESTS\n";
 
$fromaddress = "From: " . $EMAIL;
 
mail($toaddress, $subject, $mailcontent, $fromaddress);
 
$user = 'xxx';
$pass = xxxx;
$db = xxxx;
$dt = date('Y-m-d');
$conn = ocilogon($user, $pass, $db);
$sql = "INSERT INTO MAINEVENT (FNAME, LNAME, SUID, EMAIL, DEPT, PHONE, ADDRESS, FIRSTYR, SSIZE, STYPE, PARTICIPATE, ATTEND, GUESTS) VALUES ('$FNAME', '$LNAME', '$SUID', '$EMAIL', '$DEPT', '$PHONE', '$ADDRESS', '$FIRSTYR', '$SSIZE', '$STYPE', '$PARTICIPATE', '$ATTEND', '$GUESTS')";
$stmt = ociparse($conn, $sql);
ociexecute($stmt)or die("Unable to execute query\n");
?>
Last edited by Benjamin on Mon Apr 27, 2009 10:10 am, edited 2 times in total.
Reason: Changed code type from text to php.
Cryophallion
Forum Newbie
Posts: 10
Joined: Fri Apr 24, 2009 9:05 am

Re: Need Help with Code

Post by Cryophallion »

Can you give us the echo'd query once it is generated? I think there may be something else that needs slashing.

Also, and I may be wrong here, I think you should always specify that the variables are variables. I have always been told to do it this way:

Code: Select all

"..VALUES ('{$FNAME}', '{$LNAME}', ..."
Otherwise, it may try to insert the $FNAME as the value. It also makes the code a little easier to comprehend. More explicit in this case may help things.
macbeth
Forum Newbie
Posts: 9
Joined: Fri Apr 24, 2009 9:27 am

Re: Need Help with Code

Post by macbeth »

I don't have anything to echo because it's not getting into the database.

The output in the email, however, looks like this: O\'Toole

As you can probably see, i'm a newbie! To say the very least.
Cryophallion
Forum Newbie
Posts: 10
Joined: Fri Apr 24, 2009 9:05 am

Re: Need Help with Code

Post by Cryophallion »

echo $sql before the $stmnt, that way you can see what the generated sql look like.

I would addslash everything, and see what happens.

Eventually, I would make a db_prepare function, and use arrays, but for now just add the function to all values.
Cryophallion
Forum Newbie
Posts: 10
Joined: Fri Apr 24, 2009 9:05 am

Re: Need Help with Code

Post by Cryophallion »

We can deal with the email part later, using a few arrays, but for now just get the inserts working.
macbeth
Forum Newbie
Posts: 9
Joined: Fri Apr 24, 2009 9:27 am

Re: Need Help with Code

Post by macbeth »

This is what I get

Code: Select all

INSERT INTO MAINEVENT (FNAME, LNAME, SUID, EMAIL, DEPT, PHONE, ADDRESS, FIRSTYR, SSIZE, STYPE, PARTICIPATE, ATTEND, GUESTS) VALUES ('Brian', 'O\\\'Toole', '1223456', 'something@aol.com', 'Department', 'Phone', 'Address', 'Yes', 'S', 'Tank', '', 'Yes I will attend', '2')

Code: Select all

Warning: ociparse(): OCIParse: ORA-01756: quoted string not properly terminated in /xxx on line 48
 
Warning: ociexecute(): supplied argument is not a valid OCI8-Statement resource in /xxx on line 49
Unable to execute the query
Last edited by Benjamin on Mon Apr 27, 2009 10:11 am, edited 1 time in total.
Reason: Added code tags, type = sql and type = text
Post Reply