0

Hello Everyone

I have a simple form posting to mysql database.

I set one of the fields to be Text Area. I have and HTML Link Code that needs to be in that field.

When I upload he data to the db, my " gets hashed out a \ gets inserted. How can I stop this from happening?

4
Contributors
14
Replies
17
Views
5 Years
Discussion Span
Last Post by didier_m
0

What are the functions you are using before inserting data in mysql?
Are you using add_slashes?

Edited by vibhaJ: n/a

0

This is my form:

<form action="inventory_list.php" enctype="multipart/form-data" name="myForm" id="myform" method="post">
    <table width="90%" border="0" cellspacing="0" cellpadding="6">
      <tr>
        <td width="16%" align="right">
		<font face="Tahoma" size="2" color="#808080">Link ID</font></td>
        <td width="82%"><label>
          <input name="linkid" type="text" id="linkid" size="38" /></label></td>
      </tr>
      <tr>
        <td width="16%" align="right">
		<font face="Tahoma" size="2" color="#808080">Product Name</font></td>
        <td width="82%"><label>
          <input name="product_name" type="text" id="product_name" size="64" />
        </label></td>
      </tr>
      <tr>
        <td align="right"><font face="Tahoma" size="2" color="#808080">Product Price</font></td>
        <td><label>
          <font face="Tahoma" size="2" color="#808080">$</font>
          <input name="price" type="text" id="price" size="12" />
        </label></td>
      </tr>
      <tr>
        <td align="right"><font face="Tahoma" size="2" color="#808080">Category</font></td>
        <td><label>
          <select name="category" id="category">
          <option value="Select One">Select One</option>
          <option value="Men">Men</option>
          <option value="Women">Women</option>
          </select>
        </label></td>
      </tr>
      <tr>
        <td align="right"><font face="Tahoma" size="2" color="#808080">Subcategory</font></td>
        <td><select name="subcategory" id="subcategory">
          <option value="Select One">Select One</option>
          <option value="Jeans">Jeans</option>
          <option value="Pants">Pants</option>
          <option value="Shirts">Shirts</option>
          <option value="Shirts">Shorts</option>
          <option value="Shoes">Shoes</option>
          <option value="Sports Coats">Sports Coats</option>
          <option value="Sportswear">Sportswear</option>
          <option value="Sweaters">Sweaters</option>
          <option value="Fragrance">Fragrance</option>
          <option value="Accessories">Accessories</option>
          <option value="Watches & Jewelry">Watches & Jewelry</option>
          
          </select></td>
      </tr>
      <tr>
        <td align="right"><font face="Tahoma" size="2" color="#808080">Product Details</font></td>
        <td><label>
          <textarea name="details" id="details" cols="64" rows="5"></textarea>
        </label></td>
      </tr>
      <tr>
        <td align="right"><font face="Tahoma" size="2" color="#808080"><br>
		Primary Color 
		Match<br>
		&nbsp;</font></td>
        <td><label>
          <input name="color1" type="text" id="color1" size="10" /></label></td>
      </tr>      
      <tr>
        <td align="right" height="68"><font face="Tahoma" size="2" color="#808080">Secondary Color 
		Match</font></td>
        <td height="68">
		<label>
          <input name="color2" type="text" id="color2" size="10" /></label></td>
      </tr>      
      <tr>
        <td align="right"><font size="2" face="Tahoma" color="#808080">HTML Link</font></td>
        <td>
		<label>
          <textarea name="link" id="link" cols="64" rows="5"></textarea></label></td>
      </tr>      
      <tr>
        <td align="right"><font face="Tahoma" size="2" color="#808080">Product Image</font></td>
        <td><label>
          <input type="file" name="fileField" id="fileField" />
        </label></td>
      </tr>      
      <tr>
        <td>&nbsp;</td>
        <td><label>
          <input type="submit" name="button" id="button" value="Add This Item Now" />
        </label></td>
      </tr>
    </table>
    </form>

This is the code I NEED to go in that field. And Its Different for every product.

<a target='_blank' href='http://click.linksynergy.com/fs-bin/click?id=3qM*AG8K6Qo&offerid=146141.3706263&type=2&subid=0'><img border="0" src='style/buynowbutton.png' width='138' height='20'><a/>

but the result gives me this

<a target=\'_blank\' href=\'http://click.linksynergy.com/fs-bin/click?id=3qM*AG8K6Qo&offerid=146141.3706263&type=2&subid=0\'><img border=\"0\" src=\'style/buynowbutton.png\' width=\'138\' height=\'20\'><a/>

and my link does not work. Please assist.

0

Hi,
maybe you can use the str_repl() before the echo of your link

$link = your DB field;
$clean_link = str_repl('\','',$link);
echo $new_link;

0

Thanks for the reply, I am a novice at this so bare with me please. I'm not too sure where to put this. the link gets echoed on the product page as a BUY NOW BUTTON

0

Hi,
if this link is your button, just put it where it has to appear on your page, i suppose

regards

0
<?php 
      $link = 'link';
      $clean_link = str_repl('\','',$link);
      echo $clean_link; 
      ?>

This is based on what I understood now is my Echo of that link on the product page. But unfortunately the page went blank now. :(

0

sorry my mistake,,
it's str_replace() and not str_repl() !!

but $link = 'link'; ?? I suppose 'link' equal the content of your DB field "link"??

0
<?php 
$link = 'link';
$clean_link = str_replace('\','',$link);
echo $clean_link;
?>

I tried placing this where the echo should be but i'm afraid it doesn't show up> Blank Page

Edited by ptermourra: n/a

0

sorry my mistake,,
it's str_replace() and not str_repl() !!

but $link = 'link'; ?? I suppose 'link' equal the content of your DB field "link"??

Yes my field is called link

0

ok,
but
$link = 'link';
should be something like
$link = myrecord;

where myrecord comes from your SELECT statement

0

ok,
but
$link = 'link';
should be something like
$link = myrecord;

where myrecord comes from your SELECT statement

$link = $row["link"];

so now I have

<?php 
$link = $row["link"];
$clean_link = str_replace('\','',$link);
echo $clean_link;
?>

Still Blank Page

0

This is what I uploaded in the field:

<a target='_blank' href='http://click.linksynergy.com/fs-bin/click?id=3qM*AG8K6Qo&offerid=146141.3706263&type=2&subid=0'><img border="0" src='style/buynowbutton.png' width='138' height='20'><a/>

and this is what ends up in the db:

<a target=\'_blank\' href=\'http://click.linksynergy.com/fs-bin/click?id=3qM*AG8K6Qo&offerid=146141.3706263&type=2&subid=0\'><img border=\"0\" src=\'style/buynowbutton.png\' width=\'138\' height=\'20\'><a/>

How can I stop this from happening?

0

probably due to magic_quotes. you can check for this with get_magic_quotes_gpc

http://uk.php.net/manual/en/function.get-magic-quotes-gpc.php

Disable this in php.ini if possible. Ask your host if it is a live site.

If it's set, you can get rid of the slashes with stripslashes().

If you're using DB to store, you'll still need to escape the input with mysql_real_escape_string or you could get SQL injections.

0

@ptermourra
Is your problem solved?
If not, what do you get as url whith your blanco page?

This topic has been dead for over six months. Start a new discussion instead.
Have something to contribute to this discussion? Please be thoughtful, detailed and courteous, and be sure to adhere to our posting rules.