Hello Everyone

I have a simple form posting to mysql database.

I set one of the fields to be Text Area. I have and HTML Link Code that needs to be in that field.

When I upload he data to the db, my " gets hashed out a \ gets inserted. How can I stop this from happening?

Recommended Answers

What are the functions you are using before inserting data in mysql?
Are you using add_slashes?

Jump to Post

Hi,
maybe you can use the str_repl() before the echo of your link

$link = your DB field;
$clean_link = str_repl('\','',$link);
echo $new_link;

Jump to Post

Hi,
if this link is your button, just put it where it has to appear on your page, i suppose

regards

Jump to Post

sorry my mistake,,
it's str_replace() and not str_repl() !!

but $link = 'link'; ?? I suppose 'link' equal the content of your DB field "link"??

Jump to Post

All 14 Replies

What are the functions you are using before inserting data in mysql?
Are you using add_slashes?

This is my form:

<form action="inventory_list.php" enctype="multipart/form-data" name="myForm" id="myform" method="post">
    <table width="90%" border="0" cellspacing="0" cellpadding="6">
      <tr>
        <td width="16%" align="right">
		<font face="Tahoma" size="2" color="#808080">Link ID</font></td>
        <td width="82%"><label>
          <input name="linkid" type="text" id="linkid" size="38" /></label></td>
      </tr>
      <tr>
        <td width="16%" align="right">
		<font face="Tahoma" size="2" color="#808080">Product Name</font></td>
        <td width="82%"><label>
          <input name="product_name" type="text" id="product_name" size="64" />
        </label></td>
      </tr>
      <tr>
        <td align="right"><font face="Tahoma" size="2" color="#808080">Product Price</font></td>
        <td><label>
          <font face="Tahoma" size="2" color="#808080">$</font>
          <input name="price" type="text" id="price" size="12" />
        </label></td>
      </tr>
      <tr>
        <td align="right"><font face="Tahoma" size="2" color="#808080">Category</font></td>
        <td><label>
          <select name="category" id="category">
          <option value="Select One">Select One</option>
          <option value="Men">Men</option>
          <option value="Women">Women</option>
          </select>
        </label></td>
      </tr>
      <tr>
        <td align="right"><font face="Tahoma" size="2" color="#808080">Subcategory</font></td>
        <td><select name="subcategory" id="subcategory">
          <option value="Select One">Select One</option>
          <option value="Jeans">Jeans</option>
          <option value="Pants">Pants</option>
          <option value="Shirts">Shirts</option>
          <option value="Shirts">Shorts</option>
          <option value="Shoes">Shoes</option>
          <option value="Sports Coats">Sports Coats</option>
          <option value="Sportswear">Sportswear</option>
          <option value="Sweaters">Sweaters</option>
          <option value="Fragrance">Fragrance</option>
          <option value="Accessories">Accessories</option>
          <option value="Watches & Jewelry">Watches & Jewelry</option>
          
          </select></td>
      </tr>
      <tr>
        <td align="right"><font face="Tahoma" size="2" color="#808080">Product Details</font></td>
        <td><label>
          <textarea name="details" id="details" cols="64" rows="5"></textarea>
        </label></td>
      </tr>
      <tr>
        <td align="right"><font face="Tahoma" size="2" color="#808080"><br>
		Primary Color 
		Match<br>
		&nbsp;</font></td>
        <td><label>
          <input name="color1" type="text" id="color1" size="10" /></label></td>
      </tr>      
      <tr>
        <td align="right" height="68"><font face="Tahoma" size="2" color="#808080">Secondary Color 
		Match</font></td>
        <td height="68">
		<label>
          <input name="color2" type="text" id="color2" size="10" /></label></td>
      </tr>      
      <tr>
        <td align="right"><font size="2" face="Tahoma" color="#808080">HTML Link</font></td>
        <td>
		<label>
          <textarea name="link" id="link" cols="64" rows="5"></textarea></label></td>
      </tr>      
      <tr>
        <td align="right"><font face="Tahoma" size="2" color="#808080">Product Image</font></td>
        <td><label>
          <input type="file" name="fileField" id="fileField" />
        </label></td>
      </tr>      
      <tr>
        <td>&nbsp;</td>
        <td><label>
          <input type="submit" name="button" id="button" value="Add This Item Now" />
        </label></td>
      </tr>
    </table>
    </form>

This is the code I NEED to go in that field. And Its Different for every product.

<a target='_blank' href='http://click.linksynergy.com/fs-bin/click?id=3qM*AG8K6Qo&offerid=146141.3706263&type=2&subid=0'><img border="0" src='style/buynowbutton.png' width='138' height='20'><a/>

but the result gives me this

<a target=\'_blank\' href=\'http://click.linksynergy.com/fs-bin/click?id=3qM*AG8K6Qo&offerid=146141.3706263&type=2&subid=0\'><img border=\"0\" src=\'style/buynowbutton.png\' width=\'138\' height=\'20\'><a/>

and my link does not work. Please assist.

Hi,
maybe you can use the str_repl() before the echo of your link

$link = your DB field;
$clean_link = str_repl('\','',$link);
echo $new_link;

Thanks for the reply, I am a novice at this so bare with me please. I'm not too sure where to put this. the link gets echoed on the product page as a BUY NOW BUTTON

Hi,
if this link is your button, just put it where it has to appear on your page, i suppose

regards

<?php 
      $link = 'link';
      $clean_link = str_repl('\','',$link);
      echo $clean_link; 
      ?>

This is based on what I understood now is my Echo of that link on the product page. But unfortunately the page went blank now. :(

sorry my mistake,,
it's str_replace() and not str_repl() !!

but $link = 'link'; ?? I suppose 'link' equal the content of your DB field "link"??

<?php 
$link = 'link';
$clean_link = str_replace('\','',$link);
echo $clean_link;
?>

I tried placing this where the echo should be but i'm afraid it doesn't show up> Blank Page

sorry my mistake,,
it's str_replace() and not str_repl() !!

but $link = 'link'; ?? I suppose 'link' equal the content of your DB field "link"??

Yes my field is called link

ok,
but
$link = 'link';
should be something like
$link = myrecord;

where myrecord comes from your SELECT statement

ok,
but
$link = 'link';
should be something like
$link = myrecord;

where myrecord comes from your SELECT statement

$link = $row["link"];

so now I have

<?php 
$link = $row["link"];
$clean_link = str_replace('\','',$link);
echo $clean_link;
?>

Still Blank Page

This is what I uploaded in the field:

<a target='_blank' href='http://click.linksynergy.com/fs-bin/click?id=3qM*AG8K6Qo&offerid=146141.3706263&type=2&subid=0'><img border="0" src='style/buynowbutton.png' width='138' height='20'><a/>

and this is what ends up in the db:

<a target=\'_blank\' href=\'http://click.linksynergy.com/fs-bin/click?id=3qM*AG8K6Qo&offerid=146141.3706263&type=2&subid=0\'><img border=\"0\" src=\'style/buynowbutton.png\' width=\'138\' height=\'20\'><a/>

How can I stop this from happening?

Member Avatar

probably due to magic_quotes. you can check for this with get_magic_quotes_gpc

http://uk.php.net/manual/en/function.get-magic-quotes-gpc.php

Disable this in php.ini if possible. Ask your host if it is a live site.

If it's set, you can get rid of the slashes with stripslashes().

If you're using DB to store, you'll still need to escape the input with mysql_real_escape_string or you could get SQL injections.

@ptermourra
Is your problem solved?
If not, what do you get as url whith your blanco page?

Be a part of the DaniWeb community

We're a friendly, industry-focused community of 1.20 million developers, IT pros, digital marketers, and technology enthusiasts learning and sharing knowledge.