Thread: Weird glitch

    #1
  1. No Profile Picture
    Registered User
    Devshed Newbie (0 - 499 posts)

    Join Date
    Sep 2012
    Posts
    6
    Rep Power
    0

    Weird glitch


    hi all. i have a weird glitch happening in a page i have. i have a dropdown list on a database record update page. For some unknown reason, when a user selects an option that contains a double quote, when the user presses the Update button, a null value is entered for that field. the weird thing is the rest of the form works perfectly without errors being returned. if the user selects a value without any quotes in it, all works perfectly. it's only quotes that result in a null value being saved. And please dont say "just don't use quotes", because the field is referring to inches and the customer needs to use double quotes as short form for inches, and have 100's of records with it already. so i need to find a database solution unfortunately.
  2. #2
  3. Hockey face
    Devshed Supreme Being (6500+ posts)

    Join Date
    Nov 2001
    Location
    St. Catharines, Canada
    Posts
    8,147
    Rep Power
    1317
    what front end are you using? php has mysql_real_escape_string which if you are using that app you should be using.

    the problem isn't your database so much as how you deal with the input on the front end.

    as such this isn't a database question but belongs in the forum for whatever application you are using to process the form, php, perl, asp whatever.
  4. #3
  5. No Profile Picture
    Registered User
    Devshed Newbie (0 - 499 posts)

    Join Date
    Sep 2012
    Posts
    6
    Rep Power
    0
    Originally Posted by Guelphdad
    what front end are you using? php has mysql_real_escape_string which if you are using that app you should be using.

    the problem isn't your database so much as how you deal with the input on the front end.

    as such this isn't a database question but belongs in the forum for whatever application you are using to process the form, php, perl, asp whatever.
    the weird thing is, I AM using mysql_real_escape_string though, and the error doesn't happen in any of the 12 other dropdowns i have on the page, some of which have the exact same values and should behave the same way. i have this :

    Code:
    mysql_real_escape_string($theValue) : mysql_escape_string($theValue);
    
      switch ($theType) {
        case "text":
          $theValue = ($theValue != "") ? "'" . $theValue . "'" : "NULL";
          break;    
        case "long":
        case "int":
          $theValue = ($theValue != "") ? intval($theValue) : "NULL";
          break;
        case "double":
          $theValue = ($theValue != "") ? doubleval($theValue) : "NULL";
          break;
        case "date":
          $theValue = ($theValue != "") ? "'" . $theValue . "'" : "NULL";
          break;
        case "defined":
          $theValue = ($theValue != "") ? $theDefinedValue : $theNotDefinedValue;
          break;
      }
      return $theValue;
  6. #4
  7. Transforming Moderator
    Devshed Supreme Being (6500+ posts)

    Join Date
    Mar 2007
    Location
    Washington, USA
    Posts
    14,295
    Rep Power
    9400
    Are you using htmlentities() on the values that you're putting into the dropdown list?

    Comments on this post

    • Rick Grimes agrees
  8. #5
  9. No Profile Picture
    Registered User
    Devshed Newbie (0 - 499 posts)

    Join Date
    Sep 2012
    Posts
    6
    Rep Power
    0

    Thumbs up


    Originally Posted by requinix
    Are you using htmlentities() on the values that you're putting into the dropdown list?
    no i was not. and that was the problem. brilliant! Many many thanks.

IMN logo majestic logo threadwatch logo seochat tools logo