|
|
Posted by Curt Zirzow on 01/14/06 09:21
Bear (pun intened) with me on this one i havn't read the whole
thread, so you may get a repeat answer.
On Fri, Jan 13, 2006 at 10:55:00AM -0600, Jay Blanchard wrote:
> I am having a problem with a an ampersand sign. I have a list of things on a
> page, in which one category is 'Oil & Gas'. I store it in the database as
> 'Oil & Gas'. When the category is clicked the query string shows just an
> ampersand, i.e.
The database should really hold text/plain, not text/html.
If you take the string 'Oil & Gas' out side of the context of
html that & is a rather strange sequence of characters.
> "Filter=Process&FilterKey=Oil%20&%20Gas&Order=Application&Direction=ASC&comm
> ents=" and therefore just shows as an '&' and the query only sees 'Oil'.
You forgot to urlencode() each value that is passed. And say you
did urlencode the data you would have:
Filter=Process&FilterKey=Oil+%26+Gas
Now the $_GET['FilterKey'] is 'Oil & Gas'
If you do a search on the db for this value with something like:
$cat = mysql_real_escape_string($_GET['FilterKey']);
$sql = "select * from table where cat = '$cat'";
You will come back with 0 results since you really have in that cat
field 'Oil & Gas'.
>
> I guess that I am too tired to deal with this or the answer would come to
> mind immediately. Can someone drop kick me in the right direction? Thanks!
Remember:
characters only have meaning in the context they are used
If I want to use 'Oil & Gas' in:
html: i need to html_entity_docode()/htmlentities() it
sql: i need to ensure it is escaped *_escape_string();
url: i need to urlencode() it.
plain/text: just an echo/print
store on a main frame: ASCII2EBCDIC() it
Curt.
--
cat .signature: No such file or directory
Navigation:
[Reply to this message]
|