Strange missing things in php

Question

solarb 0 Newbie Poster

14 Years Ago

hi all!
i'm new with php and i have problem. I have a submit form in which every user places code.when they submit it in database its displayed normally there, but when i try to view the data in php there are missing elements , as b<<c or <iostream> etc. is it possible to configure it so it will accept tags as line brakes, and the other code to display as text?

example of the error :

code entered in database or thru form(in database im using varchar):

#include<iostream.h>
int main()
{ 
int year;
cout<<"year=";
cin>>year;
if(!(year%4)&&(year%100)||!(year%400))
cout<<"error1"; else cout< <"error2";
return 0;
}

code received in php:

#include 
int main() 
{ 
int year; 
cout<
cin>>year; 
if(!(year%4)&&(year%100)||!(year%400)) 
cout<<
return 0; 
} 
)

php files im using:

submit.php

<form method="post" action="insert.php">
    <p><br>
      <b>code:</b><br>
      <input type="Text" name="code" size="200">
      <input type="Submit" name="submit" value="Enter information">
    </p>
    </form>

insert.php

<?php
include("contentdb.php"); //here is the connection to db
include("data.php"); //here are declared the variables
$sql = "INSERT INTO $table (code) VALUES ('$code')";
$result = mysql_query($sql);
echo "<br><br>code added to quiz.<br><br>";
?>
<a href="editquizlist.php">Back to list of codes</a>

Please help me all help is appreciated .

sorry for my bad English...

mysql php

Edited 14 Years Ago by solarb because: n/a

3 Contributors
6 Replies
151 Views
23 Hours Discussion Span
Latest Post 14 Years Ago Latest Post by solarb

sDJh 39 Posting Whiz in Training

14 Years Ago

well year. This is a common mistake one makes at the beginning of writing PHP code. The data recieved in PHP is masked so that possible harmful code cannot be executed.

Try the following functions: http://de.php.net/manual/de/function.htmlspecialchars-decode.php , http://de.php.net/manual/de/function.stripslashes.php and http://de.php.net/manual/de/function.addcslashes.php . If none of these functions do what you want to, have a look at php.net for similar functions.

FlashCreations 20 Posting Whiz

14 Years Ago

Actually funny enough, he does have some sort of security in place. The tag <iostream> was removed because of it's containing < and > (which generally signifies an HTML tag). What needs to be done though, is not stripslashes or addslahses. It's mysql_real_escape string():

<?php
include("contentdb.php"); //Connect to MySQL
include("data.php"); //Declares Variables
//Perform query
if(mysql_query("INSERT INTO $table (code) VALUES ('".mysql_real_escape_string($code)."')")) echo "<br><br>Your Code  was Added to the Quiz.<br><br>";
?>
<a href="editquizlist.php">Return to the Code List</a>

To really diagnose the problem, we would need to see the data.php file. Can you post it?

Reply to this topic

Be a part of the DaniWeb community

We're a friendly, industry-focused community of developers, IT pros, digital marketers, and technology enthusiasts meeting, networking, learning, and sharing knowledge.

solarb 0 Newbie Poster · Answer 1 · 2010-02-28T12:48:43+00:00

To really diagnose the problem, we would need to see the data.php file. Can you post it?

well its very simple :

data.php

<?php
$code=$_POST['code'];
$name=$_POST['name'];
$email=$_POST['email'];
$country=$_POST['country'];
?>

its combination with other scripts,where its needed there i place it.

will the tag work or is it possible to make it work? bucause without tag everything will be shown on one line. the php which shows the code is code1.php

its simple code i created but its making this strange things.I will check your solution thanks

code1.php

<?php

include("contentdb.php");
include("data.php");

$display = mysql_query("SELECT * FROM $table ORDER BY id",$db);

if (!$submit)
{
       echo "codes:"

        while ($row = mysql_fetch_array($display)) {

        echo "<br><b>";
        echo $code;
        echo "</b><br>";
        }
?>

solarb 0 Newbie Poster · Answer 2 · 2010-02-28T14:11:56+00:00

thanks it worked,but everything is on one line.
is it possible to enable only tag?

Thanks again

FlashCreations 20 Posting Whiz · Answer 3 · 2010-02-28T14:45:25+00:00

Maybe try nl2br() on the code:

<?php
include("contentdb.php");
include("data.php");
 
$display = mysql_query("SELECT code FROM $table ORDER BY id", $db);
if (!$submit)
{
       echo "Code:"
        while ($row = mysql_fetch_array($display)) {
        echo "<br><b>".nl2br($row['code'])."</b><br>";
        }
}
?>

solarb 0 Newbie Poster · Answer 4 · 2010-02-28T15:33:16+00:00

I've made it work. for thoose who have mine problem change this :

<form method="post" action="insert.php">
    <p><br>
      <b>code:</b><br>
      <input type="Text" name="code" size="200"> 
      <input type="Submit" name="submit" value="Enter information">
    </p>
    </form>

this :

<input type="Text" name="code" size="200">

to :

<TEXTAREA name="code" rows="3" cols="40"  size="50"></TEXTAREA>

and add in this file :

<?php

include("contentdb.php");
include("data.php");

$display = mysql_query("SELECT * FROM $table ORDER BY id",$db);

if (!$submit)
{
       echo "codes:"

        while ($row = mysql_fetch_array($display)) {

        echo "<br><b>";
        echo $code;
        echo "</b><br>";
        }
?>

this :

echo $code;

to :

echo nl2br($code);

this will allow you to have line breaks in your code without or \n .

Thanks again to all who helped