[REQ][250 credits]switching content with mySQL

[galaxyAbstractor]

Idk then, as a last solution I'd check if MySQL is version 5... but at me it works just fine with the same code... so the problem isn't with the code...

Serverversion: 5.0.51b-community. Weird...

 

[xPlozion]

Sorry about this mess, I thought you were having problems trying to parse it, not submit it x-P. try

<?php

// Insert HTML into database :D  This is just the basics to make it work.  You can add more to this if you have the desire to
if (!empty($_POST['gcode'])) {  // Just make sure that your field name is gcode ;)
    $gcode = $_POST['gcode'];
    mysql_real_escape_string($gcode);
    $result = mysql_query("INSERT INTO `table` (id, gcode) VALUES(NULL,'$gcode')");
    if ($result) {
        echo "Created new page";
    } else {
        echo "There was an error creating your page.<br /><br />".mysql_error();
    }
} else {
    echo "
        <form action='?submit' method='post'><div>
        <textarea name='gcode'></textarea><br /><br />
        <input type='submit' value='Create Page' name='submit' />
        </div></form>
    ";
}
?>

If you can get all of your html in the database, then we can go on from there...

Description
string mysql_real_escape_string ( string $unescaped_string [, resource $link_identifier ] )

Escapes special characters in the unescaped_string , taking into account the current character set of the connection so that it is safe to place it in a mysql_query(). If binary data is to be inserted, this function must be used.

mysql_real_escape_string() calls MySQL's library function mysql_real_escape_string, which prepends backslashes to the following characters: \x00, \n, \r, \, ', " and \x1a.

This function must always (with few exceptions) be used to make data safe before sending a query to MySQL.

P.S. I'm giving you back your credits until you get it working, so you can choose to donate it to someone else if you feel it's necessary (or give it back, i'm just giving back what's yours until the time is right

 

[edu2004eu]

Dude, xPlozion, the script is fine. It worked at my place. It may need a little tweaking so that it works on his version of PHP/MySQL or whatever too, but the script is great You've done a really good job

 

[galaxyAbstractor]

Sorry about this mess, I thought you were having problems trying to parse it, not submit it x-P. try

<?php

// Insert HTML into database :D  This is just the basics to make it work.  You can add more to this if you have the desire to
if (!empty($_POST['gcode'])) {  // Just make sure that your field name is gcode ;)
    mysql_real_escape_string($_POST['gcode']);
    $result = mysql_query("INSERT INTO `table` (id, gcode) VALUES(NULL,'$gcode')");
    if ($result) {
        echo "Created new page";
    } else {
        echo "There was an error creating your page.<br /><br />".mysql_error();
    }
} else {
    echo "
        <form action='?submit' method='post'><div>
        <textarea name='gcode'></textarea><br /><br />
        <input type='submit' value='Create Page' name='submit' />
        </div></form>
    ";
}
?>

If you can get all of your html in the database, then we can go on from there...



P.S. I'm giving you back your credits until you get it working, so you can choose to donate it to someone else if you feel it's necessary (or give it back, i'm just giving back what's yours until the time is right

i'll try this when I come home

 

[xPlozion]

Dude, xPlozion, the script is fine. It worked at my place. It may need a little tweaking so that it works on his version of PHP/MySQL or whatever too, but the script is great You've done a really good job

Thank you, there was one problem I noticed w/ my script (where i had mysql_real_escape_string, it was escaping a different variable than what was being sent into the db), but it's fixed now.

When you posted for the first time, was the only error in the code in the query where it said LIMIT 1? If so, then I posted a reply a couple of posts down from my original code that recognizes that.

P.S. Thanks for the rep

 

[edu2004eu]

No, it was a different error (I didn't count that one in). You had forgotten to close a bracket
Anyway, I think it works now, from what I've seen on his site

 

[xPlozion]

hmm, I wonder why Zend Studio never picked that up?

 

[edu2004eu]

LOL, idk either :-??

 

[galaxyAbstractor]

yey it worked a bit better now.

Now there is

<script src="http://ww

in the db. Now why does it stop this time...

 

[xPlozion]

hmm, if you don't mind, can you provide the code that you are trying to insert into the db? it could possibly help out debugging it, so we know whatelse is causing it to malfunction...

-xP

 

[galaxyAbstractor]

Oh totally forgot this. Here is the code I am trying to add:

<script src="http://www.gmodules.com/ig/ifr?url=http://www.canbuffi.de/gadgets/clock/clock.xml&amp;up_title=Clock%20%26%20Date&amp;up_time_format=0&amp;up_seconds=1&amp;up_date_format=0&amp;up_dayofweek=1&amp;up_offset_hours=&amp;up_offset_minutes=&amp;up_daylight=0&amp;up_color=red&amp;synd=open&amp;w=320&amp;h=120&amp;title=__UP_title__&amp;lang=en&amp;country=ALL&amp;border=%23ffffff%7C3px%2C1px+solid+%23999999&amp;output=js"></script>

 

[xPlozion]

I was able to add that code with this script

<?php
mysql_connect('localhost','...','...');
mysql_select_db('...');
// Insert HTML into database :D  This is just the basics to make it work.  You can add more to this if you have the desire to
if (!empty($_POST['gcode'])) {  // Just make sure that your field name is gcode ;)
    $gcode = mysql_real_escape_string($_POST['gcode']);
    $result = mysql_query("INSERT INTO `table` (id, gcode) VALUES(NULL,'$gcode')");
    if ($result) {
        echo "Created new page";
    } else {
        echo "There was an error creating your page.<br /><br />".mysql_error();
    }
} else {
    echo "
        <form action='?submit' method='post'><div>
        <textarea name='gcode'></textarea><br /><br />
        <input type='submit' value='Create Page' name='submit' />
        </div></form>
    ";
}
?>

Sorry for the late reply

-xP

 

[galaxyAbstractor]

I got it! There is a stupid limit in varchar! I changed it from 22 to 10000 and now:

<script src=\"http://www.gmodules.com/ig/ifr?url=h

is added

 

[xPlozion]

wow... or you could use text if you are going to be putting a whole page of content in it.
also, varchar has a limit of 255

my test db is setup as:

id int(2) not_null auto_increment primary
gcode text not_null

 

[galaxyAbstractor]

but when I set it to text "[BLOB - 444 bytes]" is added and nothing shows up on the switch page

 

[xPlozion]

so, when you use blob, all of the code is inserted into the database?

also, text and blob do not get a limit.

 

[galaxyAbstractor]

so, when you use blob, all of the code is inserted into the database?

also, text and blob do not get a limit.

Well, the code is added this way:

<script src=\"http://www.gmodules.com/ig/ifr?url=http://www.canbuffi.de/gadgets/clock/clock.xml&amp;up_title=Clock%20%26%20Date&amp;up_time_format=0&amp;up_seconds=1&amp;up_date_format=0&amp;up_dayofweek=1&amp;up_offset_hours=&amp;up_offset_minutes=&amp;up_daylight=0&amp;up_color=red&amp;synd=open&amp;w=320&amp;h=120&amp;title=__UP_title__&amp;lang=en&amp;country=ALL&amp;border=%23ffffff%7C3px%2C1px+solid+%23999999&amp;output=js\"></script>

the
\ in the beginning and \ in the end makes it don't work

 

[xPlozion]

so that's what you see in phpMyAdmin?

 

[galaxyAbstractor]

so that's what you see in phpMyAdmin?

No I see that when I press "view source" on the page