Hello and welcome to our community! Is this your first visit?
Register
Enjoy an ad free experience by logging in. Not a member yet? Register.
Results 1 to 12 of 12
  1. #1
    Regular Coder
    Join Date
    Aug 2004
    Location
    Nashville
    Posts
    202
    Thanks
    0
    Thanked 0 Times in 0 Posts

    Simple Query Gone Bad :(

    ok.. I've been sitting here trying everything under the sun... I've got a simple admin page wheras a user inputs some text into a text area and it gets put in the dbase. when I echo all of my variables just before my sql query they are showing up and everything seems to be fine.

    here's the simple query

    PHP Code:
    //get page text
        
    $page_text=$_POST['description'];
        
    $new_mainimage_link $_POST['new_mainimage_link'];
        
    //update table
        
    $sql="UPDATE pages SET page_text='".$page_text."' WHERE page_id=".$page_id;
        
    get_mysql_result($sql);
        
    $done=true;
        echo 
    $sql
    I've got a mysql_connect just before the script as well with die commands and I seem to be connecting to the dbase. so.. what in the world could be wrong?

    when I echo the sql query this is what I get:

    Code:
    UPDATE pages SET page_text='
    
    Located in charming, historic Franklin, Tennessee, ****** is a quick 20 minutes south of Nashville.  The fifteen blockhistoricdistrict is home to a unique mix of locally-ownedboutiques,restaurants, and attractions and less than 10 minutes from awide rangeof hotels, Cool Springs Galleria, popular restaurant chains,and CivilWar sites. 
    
    Access to Main Street in Franklin is via I-65, Highway 96, Hillsboro Road, and Columbia Pike.  MAP IT.
    ' WHERE page_id=6
    thanks.

  • #2
    Regular Coder
    Join Date
    Feb 2005
    Location
    Texas
    Posts
    472
    Thanks
    1
    Thanked 0 Times in 0 Posts
    Beause you're echoing ""UPDATE pages SET page_text='".$page_text."' WHERE page_id=".$page_id; "
    If you're reading this, it may already be too late!

  • #3
    Regular Coder
    Join Date
    Aug 2004
    Location
    Nashville
    Posts
    202
    Thanks
    0
    Thanked 0 Times in 0 Posts
    what?

  • #4
    Regular Coder ralph l mayo's Avatar
    Join Date
    Nov 2005
    Posts
    951
    Thanks
    1
    Thanked 31 Times in 29 Posts
    Can you check and see if:
    PHP Code:
    $sql="UPDATE pages SET page_text='".mysql_real_escape_string($page_text)."' WHERE page_id=".$page_id
    works any better?

  • #5
    Regular Coder
    Join Date
    Aug 2004
    Location
    Nashville
    Posts
    202
    Thanks
    0
    Thanked 0 Times in 0 Posts
    ralph,

    thanks for the tip but no ..

    I DO think that it has something to do with the new lines and possibly spaces in my query. I replaced $page_text with 'test' and it worked.

    I'm using a js wysiwyg editor on the textarea which puts a blank line at the top of it's value. I tried urlencode and nl2br but neither worked.

  • #6
    Regular Coder ralph l mayo's Avatar
    Join Date
    Nov 2005
    Posts
    951
    Thanks
    1
    Thanked 31 Times in 29 Posts
    mysql_real_escape_string() should get rid of any newline problems and I don't think spaces are ever syntactically important in SQL. I just tried the exact same query with and without the escape, and both methods work fine. Is the column length you have set for page_text possibly too small? Is there something funky going on in get_mysql_result()? Also try adding this after get_mysql_result()

    echo mysql_error();

    edit: in fact just try swapping get_mysql_result() for mysql_query() and see if that works
    Last edited by ralph l mayo; 01-10-2006 at 04:19 AM.

  • #7
    Regular Coder
    Join Date
    Aug 2004
    Location
    Nashville
    Posts
    202
    Thanks
    0
    Thanked 0 Times in 0 Posts
    the wysiwyg editor in quesiton is HTMLAREA 3. Is there a php function to completely strip any formatting that might be in there?

    thanks

  • #8
    Regular Coder
    Join Date
    Aug 2004
    Location
    Nashville
    Posts
    202
    Thanks
    0
    Thanked 0 Times in 0 Posts

    dbase

    The Dbase structure is as follows:

    page_id - tinyint(1)
    page_name - varchar(25)
    page_text - text
    page_image - varchar(175)
    page_link - varchar(100)

    I honestly think it is some formatting with this text editor. I can manually input the text into the query and it works. If I use the text editor it the query comes out looking the same but it doesn't go into the dbase .

    I'm googling my *** off right now.

  • #9
    Regular Coder ralph l mayo's Avatar
    Join Date
    Nov 2005
    Posts
    951
    Thanks
    1
    Thanked 31 Times in 29 Posts
    You can use this before the query:
    $page_text = preg_replace('/[^0-9a-zA-Z .,!\?\*-]/', '', $page_text);
    it'll delete every character not matched in the brackets.

  • #10
    Regular Coder
    Join Date
    Aug 2004
    Location
    Nashville
    Posts
    202
    Thanks
    0
    Thanked 0 Times in 0 Posts

    well.. no dice :(

    at this point.. I'm 99.9% confident that something's going on with this WYSIWYG editor.

    Here's my page code just for everyone's entertainment.

    Code:
    <?php
    
    function delete_img($img_name)
    {
    	if (is_file("images/".$img_name))
    		return unlink("images/".$img_name);
    }
    function upload_homepage_images()
    {
    	$images=Array("mainimage","toprightimage","middlerightimage","bottomrightimage");
    	$ret="";
    
    	foreach ($images as $image)
    	{
    		//if a new image was specified, upload it
    		if ($_FILES["new_".$image]['size'] != 0)
    		{	
    			$f=$_FILES["new_".$image]['name'];	
    			$filename="images/".$f;
    			
    			//move uploaded file to destination
    			if (!move_uploaded_file($_FILES["new_".$image]['tmp_name'],$filename))
    			{
    				$err="<BR>Upload for the image failed!";
    			}
    			//delete old image
    			else
    			{
    				if (!delete_img($_POST["old_".$image]))
    					$err.="<BR>Couldn't delete old image '".$_POST["old_".$image]."'!";
    					
    				$ret.=$f."|";
    			}
    		}
    		else
    		{
    			$ret.=$_POST["old_".$image]."|";
    		}
    	}
    	
    	return $ret;
    }
    		
    function rteSafe($strText) 
    {
    	//returns safe code for preloading in the RTE
    	$tmpString = $strText;
    	
    	$tmpString=str_replace("\r","",$tmpString);
    	$tmpString=str_replace("\n","",$tmpString);
    	$tmpString=addslashes($tmpString);
    	
    	return $tmpString;
    }
    
    require('admin_nav_left.html');
    
    $mode=$_GET["mode"];
    
    //------------- UPDATE PAGE TEXT ----------------//
    if ($mode == "submit")
    {
    	$page_id=$_GET["page_id"];
    	
    	if (intval($page_id) == 7)
    	{
    		$f=upload_homepage_images();
    	}
    	else
    	{
    		//Page Image
    		if ($_FILES['page_image']['size'] != 0)
    		{	
    			$f=$_FILES['page_image']['name'];	
    			$filename="images/".$f;
    			
    			//move uploaded file to destination
    			if (!move_uploaded_file($_FILES['page_image']['tmp_name'],$filename))
    			{
    				$err="Upload for the image failed!";
    			}
    			//delete old image
    			else
    			{
    				if (!delete_img($_POST["old_page_image"]))
    					$err.="Couldn't delete old image!";
    			}
    		}
    	}
    	
    	//get page text
    	$page_text=$_POST["description"];
    	$page_text = preg_replace('/[^0-9a-zA-Z .,!\?\*-]/', '', $page_text);
    	//update table
    	$sql="UPDATE pages SET page_text='".$page_text."',page_image='".$f."',page_link='".$_POST["new_mainimage_link"]."' WHERE page_id=".$page_id;
    	get_mysql_result($sql);
    	$done=true;
    	echo mysql_error();
    }
    
    $page_id=$_GET['page_id'];
    
    if ($page_id != "")
    {
    	$sql="SELECT * FROM pages WHERE page_id=".$page_id;
    	//pull existing info from DB
    	$rs=get_mysql_result($sql);
    	$page_data=mysql_fetch_array($rs,MYSQL_ASSOC);
    	?>	
    	<P>
    	<form name="managePage" action="editPageText.php?mode=submit&page_id=<?=$page_id?>" enctype="multipart/form-data" method="POST">	
    	<table width=85% cellpadding=6 cellspacing=0 border=1 rules="none" bordercolor="#990000" align=center>
    	<tr><td valign=top align=center bgcolor="#990000" colspan=2><font face="Trebuchet MS, Verdana" style="font-size:14px" color=white><B>Site Content</b></font></td></tr>
    	<tr><td valign=top align=center bgcolor="#E8E8E8" colspan=2><font face="Trebuchet MS, Verdana" style="font-size:12px" color="#000000"><b><?=strtoupper($page_data["page_name"])?> Page</b></font></td>
    	</tr>
    	<?
    	if ($done and $err == "") {
    	?>
    		<tr><td valign=top align=center colspan=2 bgcolor="#FFFFCC"><font face="Trebuchet MS, Verdana" style="font-size:12px" color=green><b>Update successful!</b></font></td></tr>
    	<?}
    	else if ($err != "") {
    	?>
    		<tr><td valign=top align=center colspan=2 bgcolor="#FFFFCC"><font face="Trebuchet MS, Verdana" style="font-size:12px" color=red><b><?=$err?></b></font></td></tr>
    	<?}
    	?>
    	<tr>
    	<td align=left valign=top colspan=2>
    
        <!----------------------------- HTML EDITOR --------------------------- -->
        <?
    	//home page (page id = 7) is unique
    	if ($page_id != "7")
    	{
    		?>
    	    <textarea name="description" id="description"></textarea>
    	    <script type="text/javascript">
    		var config = new HTMLArea.Config(); // create a new configuration object
    		                                    // having all the default values
    		config.width = '500px';
    		config.height = '350px';
    		
    		// the following replaces the textarea with the given id with a new
    		// HTMLArea object having the specified configuration
    		HTMLArea.replace('description', config);
    		document.getElementById("description").value='<?=stripslashes(rteSafe($page_data["page_text"]))?>';
    		</script>
    		
    	    <!----------------------------- HTML EDITOR --------------------------- -->
    		</td>
    		</tr>
    		<?
    	    if ($page_data["page_image"] != "")
    	    {?>
    	    	<tr><td align=left valign=top><b>Current Page Image:</b></td>
    	    	<td align=left valign=top>
    	    	<img src="thumb.php?width=100&path=images/<?=$page_data["page_image"]?>">
    	    	<input type="hidden" name="old_page_image" value="<?=$page_data["page_image"]?>">
    	    	</td>
    	    	</tr>
    	    <?
    		}
    		?>
    	    
    	    <tr><td align=left valign=top><b>New Page Image:</b></td>
    	    	<td align=left valign=top><input type="file" name="page_image"></td>
    	    </tr>
    	<?
    	}
    	//deal with home page
    	else
    	{
    		if (strpos($page_data["page_image"],"|") !== false)
    		{
    			$images=explode("|",$page_data["page_image"]);
    			$mainimage=$images[0];
    			$toprightimage=$images[1];
    			$middlerightimage=$images[2];
    			$bottomrightimage=$images[3];
    		}
    		
    	    if ($mainimage != "")
    	    {?>
    	    	<tr><td align=left valign=top><b>Current Main Home Page Image:</b></td>
    	    	<td align=left valign=top>
    	    	<img src="thumb.php?width=100&path=images/<?=$mainimage?>">
    	    	<input type="hidden" name="old_mainimage" value="<?=$mainimage?>">
    	    	</td>
    	    	</tr>
    	    <?
    		}
    		?>
    	    <tr><td align=left valign=top><b>New Main Home Page Image:</b><BR><small>*Note:  required size is width 580, height 245</td>
    	    	<td align=left valign=top><input type="file" name="new_mainimage"></td>
    	    </tr>
    	    <tr><td align=left valign=top><b>Main Image Product Link:</b></td>
    	    	<td align=left valign=top><input type="text" size="50" name="new_mainimage_link" value="<?=$page_data["page_link"]?>"></td>
    	    </tr>
    	    <?
    	    if ($toprightimage != "")
    	    {?>
    	    	<tr><td align=left valign=top><b>Current Top Right Image:</b></td>
    	    	<td align=left valign=top>
    	    	<img src="thumb.php?width=100&path=images/<?=$toprightimage?>">
    	    	<input type="hidden" name="old_toprightimage" value="<?=$toprightimage?>">
    	    	</td>
    	    	</tr>
    	    <?
    		}
    		?>
    	    <tr><td align=left valign=top><b>New Top Right Image:</b><BR><small>*Note:  required size is width 150, height 177</td>
    	    	<td align=left valign=top><input type="file" name="new_toprightimage"></td>
    	    </tr>
    		<?
    	    if ($middlerightimage != "")
    	    {?>
    	    	<tr><td align=left valign=top><b>Current Middle Right Image:</b></td>
    	    	<td align=left valign=top>
    	    	<img src="thumb.php?width=100&path=images/<?=$middlerightimage?>">
    	    	<input type="hidden" name="old_middlerightimage" value="<?=$middlerightimage?>">
    	    	</td>
    	    	</tr>
    	    <?
    		}
    		?>
    	    <tr><td align=left valign=top><b>New Middle Right Image:</b><BR><small>*Note:  required size is width 150, height 72</td>
    	    	<td align=left valign=top><input type="file" name="new_middlerightimage"></td>
    	    </tr>
    	    <?
    	    if ($bottomrightimage != "")
    	    {?>
    	    	<tr><td align=left valign=top><b>Current Bottom Right Image:</b></td>
    	    	<td align=left valign=top>
    	    	<img src="thumb.php?width=100&path=images/<?=$bottomrightimage?>">
    	    	<input type="hidden" name="old_bottomrightimage" value="<?=$bottomrightimage?>">
    	    	</td>
    	    	</tr>
    	    <?
    		}
    		?>
    	    <tr><td align=left valign=top><b>New Bottom Right Image:</b><BR><small>*Note:  required size is width 150, height 76</td>
    	    	<td align=left valign=top><input type="file" name="new_bottomrightimage"></td>
    	    </tr>
    		<?
    	}
    	?>
        <tr><td align=center colspan=2><input type="submit" value="Update"></td></tr>
        </table>
        </form>
      
    <?
    }
    
    require('admin_bottom.html');
    ?>
    Here's where I'm at now:

    If I echo the query - the query is in good form and ultimately "should" be going into the dbase. If I simply take this dang text area out of the picture everything works fine.

    I went to HTMLArea's forums and HTMLArea 3 has been discontinued.

    I've thought about installing a new WYSIWYG but since this text editor is already site-wide I'd love to not have to do that..

    any more suggestions?

  • #11
    Regular Coder
    Join Date
    Aug 2004
    Location
    Nashville
    Posts
    202
    Thanks
    0
    Thanked 0 Times in 0 Posts

    ahhhh...

    SO. it turns out that my problem stems from a browser incompatability.

    The WYSIWYG doesn't work with Firefox . I popped open IE and it worked fine... 2 HOURS LATER!

    Anyways thanks for everyones help.

    jw

  • #12
    Senior Coder missing-score's Avatar
    Join Date
    Jan 2003
    Location
    UK
    Posts
    2,194
    Thanks
    0
    Thanked 0 Times in 0 Posts
    You could use FCK Editor, its about the best one I know of


  •  

    Posting Permissions

    • You may not post new threads
    • You may not post replies
    • You may not post attachments
    • You may not edit your posts
    •