Using str_replace

Hi, I am wondering why the following codes doesn't work for me: $pt_new=str_replace("%27", "'", $pt_old);

I also tried $pt=str_replace("%27", "/'/", $pt);

When I tried to access a page with the title, "Zainal Abidin A'ala", I get this error:

"You have an error in your SQL syntax; check the manual that corresponds to your MySQL server version for the right syntax to use near 'ala'' at line 1"

with $result = mysql_query("SELECT page_title, page_len FROM $page WHERE page_namespace='$ns' AND page_title='$pt'") or die(mysql_error());

 

Did you mean \x27 instead? In str_replace, % is the wildcard.

 

Thanks, Rukbat for the reply. No, my url reads as: http://malaysia.jbdirectory.com/Dato'_Onn_Jaafar and I am trying to extract the page title, i.e. Dato' Onn_Jaafar.

The %27 returns an error when I try to seek page_title in my MySQL database.

 

The actual title is Dato' Onn_Jaafar, so you select where the field is "Dato'' Onn_Jaafar". (Two single quotes - the single quote is the escape character in SQL.) Replace %27 with '' (two single quotes - which is a single quote escaped).

Echo $pt first, though. I don't have a PHP interpreter to test with at the moment, it's late and I can't remember if PHP sees the value as %27 or as ' (If the latter, str_replace ' with '')

 

Hi Rukbat... it doesn't seem to want to replace. If you see this page, it does seem that the formula is correct: $newVariable = str_replace(" ", "_", $oldVariable);

As you said, % is a wildcard and so I guess, that must be the one causing the trouble. I tried escaping it by using "\%27", but it doesn't work either. (By the way, I have no problems with all other pages where there is no apostrophe.)

 

Hi Rukbat, I managed to solve it!!! This page says: "You have to $name = mysql_real_escape_string($name); before that line."

 

That works, but mysql functions are going to disappear in later versions of PHP, so you'll have to write mysqli or pdo functions. If you just str_replace (properly - that's where you're having the problem), you won't have to change that code when mysql disappears.

I prefer "future-proofing" my code as much as possible, so I have less to change in the future. For your own site that may last a few years it's not that important, but I'm still supporting sites I wrote in the early 90s.

 

Rukbat, that's bad news. I am using MediaWiki. MediaWiki is using PHP and MySQL. All my sites are running on MediaWiki and I am not a programmer. Looks like my days are numbered, hahaha.