Reply to Searching and Replacing Character Entities

Your name:

Reply:


Posted by Tony on 10/02/06 16:46

I have been using TinyMCE as a WYSIWYG editor for getting content into
a database and then exporting that data into an XML format to redender
in flash using CDATA. The problem is that I didn't realize that Flash
has a problem with character entities such as ' ” and a few
others. I need to search and replace these but I keep on getting a SQL
error.

I get this error:::
Query failed: You have an error in your SQL syntax; check the manual
that corresponds to your MySQL server version for the right syntax to
use near 's Web site and landing...', content = 'Check customer\'s Web
site and' at line 3

My update SQL command is simple:
UPDATE theTableName
SET content = 'the new content to be inserted'
WHERE id = '22'

My PHP config on the server is (i just thought to take a look at how
the server was set up):
magic_quotes_gpc = on
magic_quotes_runtime = off
magic_quotes_sybase = off

I echo'ed out the query and I still can't see the problem. The only
thing that I can think of is that the content has " in it and I'm doing
a search and replace on it's character entity ” to change it to
the literal " but it ends up escaping those " to \" and it might end up
causing a problem in SQL. But see that sounds stupid to me so I'm not
too confident with that reasoning.

Here's the code in context as to what I'm doing currently
$newContent = str_replace($_POST['frmOldPhrase'],
$_POST['frmNewPhrase'], $srRow['content'], $contentCount);
$newTitle = str_replace($_POST['frmOldPhrase'], $_POST['frmNewPhrase'],
$srRow[$title], $titleCount);

$sqlUpdateFields = '';

if( $contentCount > 0 )
{
$sqlUpdateFields .= "content = '".$newContent."'";
}
if( $sqlUpdateFields != '' )
{
$sqlUpdateFields .= ", ";
}
if( $titleCount > 0 )
{
$sqlUpdateFields .= "title = '".$newTitle."'";
}

$srUpdateSql = "UPDATE ".$table." SET ".$sqlUpdateFields." WHERE id =
'".$srRow['id']."'";



That's the code I'm using. I'm stumped here. I tried addslashes()
around my content and that just added like 4 slashes because it was
escaping the already added slashes from having majic quotes on.

What am I doing wrong here??

[Back to original message]
Удаленная работа для программистов  •  Как заработать на Google AdSense  •  England, UK  •  статьи на английском  •  PHP MySQL CMS Apache Oscommerce  •  Online Business Knowledge Base  •  DVD MP3 AVI MP4 players codecs conversion help
Home  •  Search  •  Site Map  •  Set as Homepage  •  Add to Favourites

Copyright © 2005-2006 Powered by Custom PHP Programming

Сайт изготовлен в Студии Валентина Петручека
изготовление и поддержка веб-сайтов, разработка программного обеспечения, поисковая оптимизация