提交文本以在mysql数据库中使用 [英] submitting text for use in a mysql database
问题描述
嗨民谣
这个问题一直困扰着我。我有一个网站,人们可以将内容输入mysql数据库。这些
信息中的一些信息已经显示在一些textareas和输入框中,用户可能会更改它然后点击提交。所有的值都是
然后传递给一个mysql数据库,覆盖现有的值(在旧的值被备份之后)。
所有这一切除了像&,''和'之类的字符外,它的作品非常棒。更糟糕的是,一些原始文本已经包含& 039;和其他数字字符代码。
数据库中的任何值都是通过从数据库中检索来显示的
[当然简化]
mysql_quer(...)
$ row = ...
$ Vold1 = $ row [x];
$ Vold2 = $ row [y];
等...
< INPUT VALUE = $ Vold NAME =" x" ;>
< TEXTAREA> $ Vold< / TEXTAREA NAME =" y">
提交的任何值按如下方式处理:
$ V1 = trim(stripslashes(htmlentities(trim($ _ POST [" x"])))))
$ V1 = trim(stripslashes(htmlentities(trim) ($ _POST [" y]])))))
然后使用mysql查询将$ V插入表中。
我做得对还是弄得一团糟?
- 尼古拉斯
row = ...
Vold1 =
row [x];
Hi Folk
This question has been bugging me for month. I have a website where people can enter stuff into a mysql database. Some of this
information will already be shown in some textareas and input boxes, the user may change it and then hit submit. All the values are
then passed to a mysql database, overriding the existing values (after the old ones have been backed-up).
All of this works marvellous, apart from characters like &, '' and ". To make it even worse, some of the original text already
contains &039; and other numeric character codes.
Any values from the database are displayed by retrieving them from the DB
[simplified of course]
mysql_quer(...)
$row = ...
$Vold1 = $row[x];
$Vold2 = $row[y];
etc...
<INPUT VALUE=$Vold NAME="x">
<TEXTAREA>$Vold</TEXTAREA NAME="y">
Any values that are submitted are processed as follows:
$V1 = trim(stripslashes(htmlentities(trim($_POST["x"])))))
$V1 = trim(stripslashes(htmlentities(trim($_POST["y"])))))
then $V is inserted into the table using a mysql query.
Am I doing it right or am I making a mess of it?
- Nicolaas
row = ...
Vold1 =
row[x];
这篇关于提交文本以在mysql数据库中使用的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持IT屋!
