Inserting things into the DB

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 



Having a little trouble doing some inserts into a db.

The problem is escaping the right characters.  Data integrity is important.

Right now, I have taken an email and split it into $body and $header
(containing the respective parts of the email) using my own parsing loop.
Fairly simple, it doesn't really need to be posted.

Before running dcc on it (see http://www.rhyolite.com/anti-spam/dcc/ if you
want to know more), I escape the quotes:

   $all2 = preg_replace("/\"/","\\\"",$header."\n".$body);
   $cmd = 'echo "'.$all2.'" | dccproc -C';
   $output = `$cmd`;

That works great.  Does what I want it to do, at least I think it does.

The larger problem comes later -- the insert:

    $body = preg_replace("/\/","\\\\",$body);
    $body = preg_replace("/\"/","\\\"",$body);
    $x = db_query("insert into body (submitter,md5,fuz1,fuz2,body) values
                 (1,'{$dcc['Body']['md5']}','{$dcc['Fuz1']['md5']}','{$dcc['Fuz2']['md5']}',\"{$body}\")");

Now this works great for a good amount of emails.  I was just escaping the
double quotes, but then I found a case where an email had in the actual
email a backslash before the quote, so I added the first regex as well.
But then I start running into problems:

 Syntax error: EOF in backquote substitution

or

 <b>Warning</b>:  No ending delimiter '/' found in <b>/home/beckman/public_html/work/spamtracker/stlib.inc</b> on line <b>45</b><br />

 line 45:           $body = preg_replace("/\/","\\\\",$body);

I truly suck at regexs, and for the life of me I haven't been able to teach
them to myself.  If anyone can't point me in the right direction, I think
this is easily solved with a better regex than what I have.

Why not just use addslashes()?  addslashes will escape the single quote,
and it will persist through the insert, which cannot happen (need to be
able to prove the md5 hashes generated by DCC is accurate, and adding
slashes in the wrong place will screw that up).

What's the answer?  addslashes then remove the single-quoted-slashes?

Thanks for the help.

Peter
---------------------------------------------------------------------------
Peter Beckman            Systems Engineer, Fairfax Cable Access Corporation
beckman@purplecow.com                             http://www.purplecow.com/
---------------------------------------------------------------------------


-- 
PHP Database Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php


[Index of Archives]     [PHP Home]     [PHP Users]     [Postgresql Discussion]     [Kernel Newbies]     [Postgresql]     [Yosemite News]

  Powered by Linux