hi all!
i'm new with php and i have problem. I have a submit form in which every user places code.when they submit it in database its displayed normally there, but when i try to view the data in php there are missing elements , as b<<c or <iostream> etc. is it possible to configure it so it will accept <br> tags as line brakes, and the other code to display as text?

example of the error :

code entered in database or thru form(in database im using varchar):

#include<iostream.h>
int main()
{ 
int year;
cout<<"year=";
cin>>year;
if(!(year%4)&&(year%100)||!(year%400))
cout<<"error1"; else cout< <"error2";
return 0;
}

code received in php:

#include 
int main() 
{ 
int year; 
cout<
cin>>year; 
if(!(year%4)&&(year%100)||!(year%400)) 
cout<<
return 0; 
} 
)

php files im using:

submit.php

<form method="post" action="insert.php">
    <p><br>
      <b>code:</b><br>
      <input type="Text" name="code" size="200">
      <input type="Submit" name="submit" value="Enter information">
    </p>
    </form>

insert.php

<?php
include("contentdb.php"); //here is the connection to db
include("data.php"); //here are declared the variables
$sql = "INSERT INTO $table (code) VALUES ('$code')";
$result = mysql_query($sql);
echo "<br><br>code added to quiz.<br><br>";
?>
<a href="editquizlist.php">Back to list of codes</a>

Please help me all help is appreciated .

sorry for my bad English...

Recommended Answers

well year. This is a common mistake one makes at the beginning of writing PHP code. The data recieved in PHP is masked so that possible harmful code cannot be executed.

Try the following functions:

Jump to Post

Actually funny enough, he does have some sort of security in place. The tag <iostream> was removed because of it's containing < and > (which generally signifies an HTML tag). What needs to be done though, is not stripslashes or addslahses. It's mysql_real_escape string():

<?php
include("contentdb.php"); //Connect …
Jump to Post

All 6 Replies

well year. This is a common mistake one makes at the beginning of writing PHP code. The data recieved in PHP is masked so that possible harmful code cannot be executed.

Try the following functions: http://de.php.net/manual/de/function.htmlspecialchars-decode.php , http://de.php.net/manual/de/function.stripslashes.php and http://de.php.net/manual/de/function.addcslashes.php . If none of these functions do what you want to, have a look at php.net for similar functions.

Actually funny enough, he does have some sort of security in place. The tag <iostream> was removed because of it's containing < and > (which generally signifies an HTML tag). What needs to be done though, is not stripslashes or addslahses. It's mysql_real_escape string():

<?php
include("contentdb.php"); //Connect to MySQL
include("data.php"); //Declares Variables
//Perform query
if(mysql_query("INSERT INTO $table (code) VALUES ('".mysql_real_escape_string($code)."')")) echo "<br><br>Your Code  was Added to the Quiz.<br><br>";
?>
<a href="editquizlist.php">Return to the Code List</a>

To really diagnose the problem, we would need to see the data.php file. Can you post it?

To really diagnose the problem, we would need to see the data.php file. Can you post it?

well its very simple :

data.php

<?php
$code=$_POST['code'];
$name=$_POST['name'];
$email=$_POST['email'];
$country=$_POST['country'];
?>

its combination with other scripts,where its needed there i place it.

will the tag <br> work or is it possible to make it work? bucause without <br> tag everything will be shown on one line. the php which shows the code is code1.php

its simple code i created but its making this strange things.I will check your solution thanks

code1.php

<?php

include("contentdb.php");
include("data.php");

$display = mysql_query("SELECT * FROM $table ORDER BY id",$db);

if (!$submit)
{
       echo "codes:"

        while ($row = mysql_fetch_array($display)) {

        echo "<br><b>";
        echo $code;
        echo "</b><br>";
        }
?>

thanks it worked,but everything is on one line.
is it possible to enable only <br> tag?

Thanks again

Maybe try nl2br() on the code:

<?php
include("contentdb.php");
include("data.php");
 
$display = mysql_query("SELECT code FROM $table ORDER BY id", $db);
if (!$submit)
{
       echo "Code:"
        while ($row = mysql_fetch_array($display)) {
        echo "<br><b>".nl2br($row['code'])."</b><br>";
        }
}
?>

I've made it work. for thoose who have mine problem change this :

<form method="post" action="insert.php">
    <p><br>
      <b>code:</b><br>
      <input type="Text" name="code" size="200"> 
      <input type="Submit" name="submit" value="Enter information">
    </p>
    </form>

this :

<input type="Text" name="code" size="200">

to :

<TEXTAREA name="code" rows="3" cols="40"  size="50"></TEXTAREA>

and add in this file :

<?php

include("contentdb.php");
include("data.php");

$display = mysql_query("SELECT * FROM $table ORDER BY id",$db);

if (!$submit)
{
       echo "codes:"

        while ($row = mysql_fetch_array($display)) {

        echo "<br><b>";
        echo $code;
        echo "</b><br>";
        }
?>

this :

echo $code;

to :

echo nl2br($code);

this will allow you to have line breaks in your code without <br> or \n .

Thanks again to all who helped

Be a part of the DaniWeb community

We're a friendly, industry-focused community of developers, IT pros, digital marketers, and technology enthusiasts learning and sharing knowledge.