Cant delete items from mysql that contain special characters

Question

flynismo 0 Junior Poster

13 Years Ago

I have resolved a couple issues on my site thanks to you all, and hoping that you can come to my rescue one last time, because I am at wit's end trying to figure this one out.

I have a shopping list on each page. Normal grocery store items; users select products and add it to their shopping list.

My problem is that beside each item is a checkbox..and at the bottom of the form is the submit button. If a user wants to delete an item from their shopping list, they just check the checkbox and hit 'Delete from cart' button. This works fine....if the item they are deleting is one word with no special characters. For example, if I want to delete milk or eggs, no problem, it gets deleted.
But if the item contains more than one word, or special characters, like a single quote, the delete does not work. For example, white bread or Jack's will not get deleted.

Now I have tried to troubleshoot as far as I can, and here's what I've found to be the problem -- when I echo the $variable that contains the item to be deleted, it only echos the FIRST word of a multiword item. To clarify, if I am trying to delete white bread, for some reason, it is only trying to delete an item named WHITE from the database, not WHITE BREAD.

Hopefully, my explanation wasn't confusing and if more info is needed let me know..I'm just not sure how to fix this. I've tried appending addslashes(), stripslashes(), trim() to the variable, but no success.

mysql php

3 Contributors
5 Replies
149 Views
19 Hours Discussion Span
Latest Post 13 Years Ago Latest Post by hielo

ko ko 97 Practically a Master Poster

13 Years Ago

With the understanding of your question, I concluded that you might used the keyword of the items to delete from the cart. Using the 'id' number of the items is more simpler than using the keyword/name of the items. As you mentioned above, you may get the item with the name of the item with the value from the checkbox after submitting the form or by clicking the submit button.

while($items = mysql_fetch_assoc($query)){
       echo "<input type=\"checkbox\" value=\"" . $items['id'] . "\" />" . $item['name'];
}

With the example, you can get the id of the item that the user wants to delete from the cart after submitting the form or clicking the 'Delete' button, and then you can fetch the item from database match with that 'id' and delete it.
Hope this help.

hielo 65 Veteran Poster

13 Years Ago

But if the item contains more than one word, or special characters, like a single quote, the delete does not work...

Most likely you have: <input type=checkbox value=White Bread > instead of: <input type=[B]"[/B]checkbox[B]"[/B] value=[B]"[/B]White Bread[B]"[/B] > You need to quote the values of the attributes - particularly, the VALUE attribute.

Reply to this topic

Be a part of the DaniWeb community

We're a friendly, industry-focused community of developers, IT pros, digital marketers, and technology enthusiasts meeting, networking, learning, and sharing knowledge.

flynismo 0 Junior Poster · Answer 1 · 2011-04-24T01:49:30+00:00

Yep, you are understanding my problem correctly, and it actually just occured to me a little while ago that I could just use the id instead of the item name.

The only possible drawback to that is that in some instances, there may be duplicate entries in the database, and I haven't quite figured out yet how to check the database to see if the item exists before inserting the new entry...so for now I thought the best thing to do would be to delete all instances of 'item', rather than than deleting the id (since if there are duplicate items, there would be two different id's with the same item name).

Since the proper solution here is to prevent duplicate entries in the first place, then delete by id as you said, I will keep it like the way you recommended...because it does work, the only exception would be if there were a duplicate..
But I am still curious as to how I can resolve the problem with the item names, just for the sake of better understanding of how things really work..I'm nearly certain it is a syntax error on my part(maybe it should be '".$item."' or something), or maybe I'm not using the correct combination of functions?

flynismo 0 Junior Poster · Answer 2 · 2011-04-24T08:32:13+00:00

You guys are the best!

And hielo, you were right on, that's exactly how I had it.

It took a lot of tinkering with the placement of quotes and slashes, but I finally got the syntax figured out.

I'll post it here, hopefully this can help someone else out in the future:

I dont think it makes any difference but just an fyi this is inside a .tpl file for reference

{php}

echo " <input name=\"item\" type=checkbox value=\" ".$pantry."\"> ";

{/php}

so hopefully that helps someone out like you guys did for me.

Thank you both!!

hielo 65 Veteran Poster · Answer 3 · 2011-04-24T11:00:46+00:00

echo " <input name=\"item\" type=checkbox value=\" ".$pantry."\"> ";

if you have NOT encoded the value in $pantry['item'] then if it equals 'She said, "Hello"!', you will be facing the same problem as what you reported originally, in which case you should be using:

echo ' <input name="item" type="checkbox" value="' . htmlentities($pantry['item'],ENT_QUOTES) . '">';