Re: getcsv error

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 

Brian Hazelton wrote:

Brian Hazelton wrote:

Brian Hazelton wrote:
I have a script which uploads csv data into a database. This works well and has worked in every instance so far. However what I am noticing is that today, even if I escape the data before putting it into mysql it will not enter a line if it has a single quote, once I take out the single quote it enters it into the database so I know it is the single quote, is this an error or are single quotes not allowed in csv...?
I figured out part of the problem. The problem lies with one of my functions for cleaning the data before putting it into the database. I have a function, see below, that will clean the data to put into mysql and work whether magic quotes is on or off. It is not working because I echo the query and the part I need escaped is not being escaped. I try mysql_real_escape_string and it is being escaped by that so I think the problem is something with my function, if anyone can help that would be appreciated. 

function clean($str){
   if(get_magic_quotes_gpc()){
       stripslashes($str);
       mysql_real_escape_string($str);
       return $str;
   }
   else{
       mysql_real_escape_string($str);
       return $str;
   }
}



$name = 'O'Leksy';
$cleaned_name = clean($name);

echo of $cleaned name = O'Leksy';
if mysql_real_escape_string is used it echoes O\'Leksy';
Sorry for all of the posts. I got it figured out, it was just me being stupid. Since this data isnt coming from get, post or cookies then calling this function will still work but no slashes are getting added so when the stripslashes function is called it returns an error and will not continue to work because it does not return the string on error.
You'll need to assign the results of stripslashes and mysql_real_escape_string to $str, otherwise your function will have no effect and just return the original string. 

function clean($str){
  if(get_magic_quotes_gpc()){
      $str = stripslashes($str);
      $str = mysql_real_escape_string($str);
      return $str;
  }
  else{
      $str = mysql_real_escape_string($str);
      return $str;
  }
}

--
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php
[Index of Archives]     [PHP Home]     [Apache Users]     [PHP on Windows]     [Kernel Newbies]     [PHP Install]     [PHP Classes]     [Pear]     [Postgresql]     [Postgresql PHP]     [PHP on Windows]     [PHP Database Programming]     [PHP SOAP]

  Powered by Linux