/    Sign up×
Community /Pin to ProfileBookmark

Cant store escaped hash character in db

Copy linkTweet thisAlerts:
Sep 09.2008

Im using ajax to store some html code in a db using php. If the html that i store in the database contains a # (hash) character, everything after (including the hash) is not stored – as if the hash is interpreted as a comment.

As way of background, the html code to be stored is generated by tinyMCE, so whenever there is “…style=’color:#fff;’…” for example, everything after the hash wont be stored. ARggh.

The db input is mysql_real_escape_string’d. Any ideas?

to post a comment
PHP

5 Comments(s)

Copy linkTweet thisAlerts:
@jim_kellerSep 09.2008 — Can you post some of your code? I'm curious to see how you're doing the db insertion - a # character shouldn't upset mySQL.

the Fuse PHP MVC Framework

Why you should be doing your PHP development in FUSE
Copy linkTweet thisAlerts:
@valmurkauthorSep 10.2008 — Here is the php script that the ajax uses:

<i>
</i> include('site.php');
$server=$_GET['server'];
$username=$_GET['username'];
$password=$_GET['password'];
$database=$_GET['database'];
$table=$_GET['table'];
$elementid = $_GET['elementid'];

<i> </i>dbconnect($server,$username,$password,$database);
<i> </i>$data = mysql_real_escape_string($_GET['data']);
<i> </i>if($result=mysql_query("UPDATE $table SET innerhtml = '$data' WHERE elementid = '$elementid'"))
<i> </i> echo "Updated";
<i> </i>else
<i> </i> echo mysql_error();


I might have just found the issue. Apologies, I'll post back in a sec.
Copy linkTweet thisAlerts:
@jim_kellerSep 10.2008 — are you sure your datatype in the DB just isn't too small to hold the data? The # sign may have been a coincidence

also you should use is_numeric() to verify that your $elementid is a number, since you're pulling it in via $_GET

the Fuse PHP MVC Framework

Why you should be doing your PHP development in FUSE
Copy linkTweet thisAlerts:
@valmurkauthorSep 10.2008 — The data type is 'text' so should be fine.

I get this error in firefox when running the code - which is just before the hash.

[B]Warning: Error in parsing value for property 'color'. Declaration dropped.[/B]

So it's clientside right? Should this perhaps be posted in JS forum?

Is there any problems with passing a html code string through GET if there is a hash char in it?
Copy linkTweet thisAlerts:
@valmurkauthorSep 10.2008 — Found the problem - was the method used for the ajax. I'm using the 'Ultimate Ajax Object', and it does say on their site that the passed data must be escaped either with encodeURIComponent() or escape() before posting to the php script.

Thanks for the input Jim.
×

Success!

Help @valmurk spread the word by sharing this article on Twitter...

Tweet This
Sign in
Forgot password?
Sign in with TwitchSign in with GithubCreate Account
about: ({
version: 0.1.9 BETA 5.2,
whats_new: community page,
up_next: more Davinci•003 tasks,
coming_soon: events calendar,
social: @webDeveloperHQ
});

legal: ({
terms: of use,
privacy: policy
});
changelog: (
version: 0.1.9,
notes: added community page

version: 0.1.8,
notes: added Davinci•003

version: 0.1.7,
notes: upvote answers to bounties

version: 0.1.6,
notes: article editor refresh
)...
recent_tips: (
tipper: @Yussuf4331,
tipped: article
amount: 1000 SATS,

tipper: @darkwebsites540,
tipped: article
amount: 10 SATS,

tipper: @Samric24,
tipped: article
amount: 1000 SATS,
)...