Mark Sargent wrote:
Richard Davey wrote:
Hello Mark,
Monday, May 30, 2005, 4:18:20 PM, you wrote:
MS> I have my settings in php.ini set for UTF-8, and the encoding for
MS> the mysql database table's column that is using Japanese to UTF-8.
MS> Now, if I view the data stored in that column in phpmyadmin, via
MS> say, firefox, it displays in UTF-8, but, if I pull the code from
MS> the database and display it in a UTF-8 set page, it is just ?
MS> marks, although static J text displays fine...any thoughts on
MS> this..? Driving me nutz. Cheers.
Are you doing anything to the data after you've pulled it back from
MySQL? Perhaps parsing it, or pushing it through a PHP function that
might convert it back to Latin1? (i.e. using non-overloaded PHP
functions when you should be using the mb functions)
Best regards,
Richard Davey
Hi All,
Richard, please view code provided below. Cheers.
Mark Sargent.
<?php
session_start();
include("database.php");
?>
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN"
"http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd";>
<html>
<head>
<meta http-equiv="Content-Type" content="text/html; charset=UTF-8" />
<title>Jumbo Status-Product Details</title>
</head>
<body lang="en">
<hr>
<h1 align="center">JUMBO STATUS</h1><p>
<center>Used Hardware Specialist</center>
<center><a href="index.php">Home</a></center> <center><a
href="search.php">Search</a></center>
<hr>
<table align="center" bgcolor="lightblue" cellpadding="2" border="2"
width="60%">
<?php
if (isset($_REQUEST[product_id])) {
$product_id = $_REQUEST[product_id];
$result = mysql_query("SELECT Products.product_id,
Products.product_name, Products.product_model_number,
Products.product_price, Products.product_qty, Products.product_desc,
Products.product_data_output, Conditions.condition_detail FROM Products
INNER JOIN Conditions On Products.condition_id = Conditions.condition_id
WHERE Products.product_id = '$product_id'");
I don't know if you noticed, but $_REQUEST[product_id] (and thus
$product_id have *enormous* SQL-injection capabilities. Imagine someone
sending product_id=1';DROP TABLE Products, Conditions;, do you see the
problem? You should never ever trsut any user-input, scan it, reform it,
make sure it's what you expect, before using it.
if (!$result) {
echo "Query failed: " . mysql_error();
exit;
}
$num = mysql_num_rows($result);
$rows = mysql_fetch_array($result);
echo "<tr align=\"center\"><td colspan=\"4\">Status-Product
Details</td></tr>";
}
for ($i=0; $i<$num; $i++){
echo "<tr align=\"center\"><td>PRODUCT
NAME</td><td>".$rows['product_name']."</td><br><tr
align=\"center\"><td>QUANTITY</td><td>".$rows['product_qty']."</td></tr><br><tr
align=\"center\"><td>PRICE</td><td>".$rows['product_price
yen']."</td></tr><br><tr
align=\"center\"><td>CONDITION</td><td>".$rows['product_condition']."</td></tr><tr
align=\"center\"><td colspan=\"2\">MORE DETAILS</td></tr><tr
align=\"center\"><td
colspan=\"2\">".$rows['product_desc']."</td></tr><tr
align=\"center\"><td colspan=\"2\">DATA OUTPUT</td></tr><tr
align=\"center\"><td
colspan=\"2\">".$rows['product_data_output']."</td></tr>";
}
?>
</table>
<p>
<p>
<p>
<hr><center>email: <p>
Telephone: <p>
Fax:
</center>
</body>
--
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php
