Form to database question...

Discussion in 'Databases' started by cgo85, Jul 18, 2008.

  1. #1
    I'm using a form to send information to my database. When I put a link in the form to store in database, the output is all messed up. Here is an example:

    Enter into form:

    <a href="/dir/abcd.html">hello everyone</a>

    When I look at phpmyadmin, it's stored as:

    <a href=\"/dir/abcd.html\">hello everyone</a>

    It's output link on my webpage is:

    <a href=\\\"/dir/abcd.html\\\">hello everyone</a>


    This is my html form code:

    <form method="post" action="major_counties.php">
    <input type="hidden" name="id" value="null">
    <table>
    <tr><td align="left">ABBR: </td>
    <td><input name="abbr" type="text" size="5" maxlength="2"></td>
    </tr>
    <tr>
    <td align="left">Enter Counties HTML: </td>
    <td><textarea name="info" cols="50" rows="10"></textarea></td>
    </tr>
    <tr><td colspan="2">
    <p align="center">
    <input type="submit" value="Enter record">
    </td>
    </tr>
    </table>
    </form>

    This is my php code:

    <?
    
      $abbr = addslashes($_POST['abbr']);
      $info = addslashes($_POST['info']);
      
    include '../config.php';
    $table = "demographic";
    
    include '../opendb.php';
    
    $sqlquery = "UPDATE $table SET major_counties='$info' WHERE abbr='$abbr'";
    
    $results = mysql_query($sqlquery);
    
    include '../closedb.php';
    
    print "<html><body> <table width=\"600\" border=\"0\" cellspacing=\"1\" cellpadding=\"1\">
     <tr>
     <td>";
    print "<p>You have just entered this record in <strong>$abbr</strong>:<p><br><br>";
    print "$info<br>";
    print "<a href=\"/neigh/major_counties.html\">Go Back</a>";
    print "</td>
     </tr>
     </table></body></html>";
    ?>
    PHP:


    PLEASE HELP
     
    cgo85, Jul 18, 2008 IP
  2. RectangleMan

    RectangleMan Notable Member

    Messages:
    2,825
    Likes Received:
    132
    Best Answers:
    0
    Trophy Points:
    210
    #2
    mysq_real_escape_string()

    Try that function...
     
    RectangleMan, Jul 18, 2008 IP
  3. cgo85

    cgo85 Peon

    Messages:
    380
    Likes Received:
    8
    Best Answers:
    0
    Trophy Points:
    0
    #3
    Sorry, I'm kinda new to this stuff. Where would I put that?
     
    cgo85, Jul 18, 2008 IP
  4. rohan_shenoy

    rohan_shenoy Active Member

    Messages:
    441
    Likes Received:
    20
    Best Answers:
    0
    Trophy Points:
    60
    #4
    That is happening because magic quotes is already on. So you don't need to addslashes() again. Google for magic quotes in PHP.
     
    rohan_shenoy, Jul 18, 2008 IP
  5. rohan_shenoy

    rohan_shenoy Active Member

    Messages:
    441
    Likes Received:
    20
    Best Answers:
    0
    Trophy Points:
    60
    #5
    btw don't depend on addslashes(), always use mysql_real_escape_string()
     
    rohan_shenoy, Jul 20, 2008 IP