1. Computer problem? Tech Support Guy is completely free -- paid for by advertisers and donations. Click here to join today! If you're new to Tech Support Guy, we highly recommend that you visit our Guide for New Members.

special characters, php htmlentites

Discussion in 'Web Design & Development' started by andynic, Jan 31, 2013.

Thread Status:
Not open for further replies.
Advertisement
  1. andynic

    andynic Thread Starter

    Joined:
    May 25, 2007
    Messages:
    371
    Hi,

    I have a DB maintenance form that allows the user to enter data. Some of the data entry fields are <input type="text"> others are <textarea> fields.

    I would like the data entry user to be able to enter any characters s/he pleases from the keyboard.
    For example to enter a euro symbol from a Mac keyboard, the user would press shift-option-2, which I will do now €
    (The last character on that( line should be a euro symbol.)

    I don't want the user to have to mess with html entites such as &-e-u-r-o-; (no dashes in actuality).
    I want to include all kinds of quotes, single and double quotes as well as their curly versions.
    If at all possible I'd like the data entry user to be able to use the less than (<) and greater than (>) symbols in their text.

    Upon clicking "commit", the data gets written to a mysql table created in the following way, for example:
    create table T (c1 varchar(100)) ENGINE=InnoDB DEFAULT CHARSET=latin1;

    Then a webpage user should see the correct symbols.
    The server puts up the webpage using a PHP script retrieving the data from the database.

    What I've done (see below) must be barking up the wrong tree. Is their a simple an elegant way to do this?

    I have tried passing strings through the PHP htmlentites function before inserting the strings into the DB or before updating them; and in the PHP script that puts up the webpage, I use the PHP html_entity_decode function before display the data. But this is not producing correct results.

    For example, using that technique in the attached script (testSpecialCharacters.php), it produces as output:
    ...value as retrieved from DB is : ...“phrase in curly double quotes”...followed by euro symbol €

    Note: In order to upload the file I changed the ".php" extension to ".txt"

    Thanks for your help.
    Andynic
     

    Attached Files:

  2. colinsp

    colinsp

    Joined:
    Sep 5, 2007
    Messages:
    2,254
    First Name:
    Colin
    For future reference post your code in code tags like this [ code ] then your code then [ /code ] (remove the spaces) we don't like downloading files as they may not be what they are purported to be.

    To answer your question you need to alter your strings before they are written to the database with something like this

    Code:
    $input_date = mysql_real_escape_string($input_date);
    
    This assumes that $input_date is one of your input strings and then use htmlentities when you pull the data back from the database.
     
  3. andynic

    andynic Thread Starter

    Joined:
    May 25, 2007
    Messages:
    371
    Hi Colinsp,
    Thanks for your reply.
    I have tried your suggestion and get similar results to what I was getting.

    Using my original code:
    Result in webpage:
    ...value as retrieved from DB is : ...â&#8364;&#339;phrase in curly double quotesâ&#8364;...followed by euro symbol â&#8218;¬
    Row in table T using SELECT in mysql running in terminal window:
    +--------------------------------------------------------------------------------------------+
    | c1 |
    +--------------------------------------------------------------------------------------------+
    | ...&acirc;??phrase in curly double quotes&acirc;??...followed by euro symbol &acirc;?&not; |
    +--------------------------------------------------------------------------------------------+

    Using your code aa shown below:
    Result in webpage:
    ...value as retrieved from DB is : ...â&#8364;&#339;phrase in curly double quotesâ&#8364;...followed by euro symbol â&#8218;¬
    Row in table T using SELECT in mysql running in terminal window:
    +----------------------------------------------------------------------+
    | c1 |
    +----------------------------------------------------------------------+
    | ...&#8220;phrase in curly double quotes&#8221;...followed by euro symbol &#8364; |
    +----------------------------------------------------------------------+

    I also tried using html_entity_decode to convert $val to no avail,

    The code as it now appears:
    <code>
    <?php

    /*
    how table was created:
    create table T (c1 varchar(100)) ENGINE=InnoDB DEFAULT CHARSET=latin1 AUTO_INCREMENT=44 ;
    */

    set_error_handler("phpErrorHandler", E_ALL);

    // Set up a connection to the DB
    $hostname = "localhost";
    $database = "tdb name"; #dev -- data from live server
    $username = "schema user name";
    $password = "password";
    $db = mysql_connect($hostname, $username, $password) or die("Kan geen verbinding maken met de database : " . mysql_error());

    mysql_select_db($database, $db);

    // Begin mock data entry script.
    $str = '...&#8220;phrase in curly double quotes&#8221;...followed by euro symbol &#8364;'; //The quotes and euro symbol were entered from the keyboard
    //$str = htmlentities($str, ENT_COMPAT);
    $str = mysql_real_escape_string($str); // from Colinsp

    // Put the string in table T
    $sqlCmd = "insert into T (c1) values ('$str');";
    $cmdHndl = mysql_query($sqlCmd);

    $sqlCmd = "commit;";
    $cmdHndl = mysql_query($sqlCmd);
    // End mock data entery script.


    // Begin mock script that the server uses to put up the webpage.
    // Retrieve the record from table T
    $sqlCmd = "select c1 from T;";
    $cmdHndl = mysql_query($sqlCmd);
    $row = mysql_fetch_array($cmdHndl, MYSQL_ASSOC);
    $val = $row['c1'];

    //$val = html_entity_decode($val);
    $val = htmlentities($val); // From Colinsp
    echo "...value as retrieved from DB is : $val<br />";
    // End mock script that the server uses to put up the webpage.

    //$sqlCmd = "delete from T";
    //$cmdHndl = mysql_query($sqlCmd);
    mysql_close();
    restore_error_handler();
    ?>
    </code>
     
  4. colinsp

    colinsp

    Joined:
    Sep 5, 2007
    Messages:
    2,254
    First Name:
    Colin
    Use phpmyadmin to actually inspect the table entry to see what is actually being written to the table. That will tell whether it is an input or output problem

    use [] around code tags not <> ;)
     
  5. andynic

    andynic Thread Starter

    Joined:
    May 25, 2007
    Messages:
    371
    Hi Colinsp,
    Thanks again for your reply.

    I just installed phpMyAdmin on my server. (I'm a retired old-fashioned Oracle DBA and applications developer, having started with Oracle v4 and married to it up to and including Oracle 10i. I'm so used to using SQL via a terminal window that I tend to avoid G'UI tools though I did use toad now and then for some things later on.)

    Back to the point:
    I did not make any changes to the code I submitted in my last reply.
    Using the two lines of code commented with "from Colinsp"
    this is what phpMyAdmin shows in table T:
    ...â&#8364;&#339;phrase in curly double quotesâ&#8364;...followed by euro symbol â&#8218;¬

    and this is what shows in the webpage that the code puts up:
    ...value as retrieved from DB is : ...â&#8364;&#339;phrase in curly double quotesâ&#8364;...followed by euro symbol â&#8218;¬

    Thanks for your help.
    Andynic
     
  6. Sponsor

As Seen On
As Seen On...

Welcome to Tech Support Guy!

Are you looking for the solution to your computer problem? Join our site today to ask your question. This site is completely free -- paid for by advertisers and donations.

If you're not already familiar with forums, watch our Welcome Guide to get started.

Join over 733,556 other people just like you!

Thread Status:
Not open for further replies.

Short URL to this thread: https://techguy.org/1087726

  1. This site uses cookies to help personalise content, tailor your experience and to keep you logged in if you register.
    By continuing to use this site, you are consenting to our use of cookies.
    Dismiss Notice