addslashes() On Sun, 17 Nov 2002, Peter Beckman wrote: > Having a little trouble doing some inserts into a db. > > The problem is escaping the right characters. Data integrity is important. > > Right now, I have taken an email and split it into $body and $header > (containing the respective parts of the email) using my own parsing loop. > Fairly simple, it doesn't really need to be posted. > > Before running dcc on it (see http://www.rhyolite.com/anti-spam/dcc/ if you > want to know more), I escape the quotes: > > $all2 = preg_replace("/\"/","\\\"",$header."\n".$body); > $cmd = 'echo "'.$all2.'" | dccproc -C'; > $output = `$cmd`; > > That works great. Does what I want it to do, at least I think it does. > > The larger problem comes later -- the insert: > > $body = preg_replace("/\/","\\\\",$body); > $body = preg_replace("/\"/","\\\"",$body); > $x = db_query("insert into body (submitter,md5,fuz1,fuz2,body) values > (1,'{$dcc['Body']['md5']}','{$dcc['Fuz1']['md5']}','{$dcc['Fuz2']['md5']}',\"{$body}\")"); > > Now this works great for a good amount of emails. I was just escaping the > double quotes, but then I found a case where an email had in the actual > email a backslash before the quote, so I added the first regex as well. > But then I start running into problems: > > Syntax error: EOF in backquote substitution > > or > > <b>Warning</b>: No ending delimiter '/' found in <b>/home/beckman/public_html/work/spamtracker/stlib.inc</b> on line <b>45</b><br /> > > line 45: $body = preg_replace("/\/","\\\\",$body); > > I truly suck at regexs, and for the life of me I haven't been able to teach > them to myself. If anyone can't point me in the right direction, I think > this is easily solved with a better regex than what I have. > > Why not just use addslashes()? addslashes will escape the single quote, > and it will persist through the insert, which cannot happen (need to be > able to prove the md5 hashes generated by DCC is accurate, and adding > slashes in the wrong place will screw that up). > > What's the answer? addslashes then remove the single-quoted-slashes? > > Thanks for the help. > > Peter > --------------------------------------------------------------------------- > Peter Beckman Systems Engineer, Fairfax Cable Access Corporation > beckman@purplecow.com http://www.purplecow.com/ > --------------------------------------------------------------------------- > > > -- > PHP Database Mailing List (http://www.php.net/) > To unsubscribe, visit: http://www.php.net/unsub.php > -- PHP Database Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
