Xanatos Posted October 24, 2002 Posted October 24, 2002 I'm getting the following error on the insertion of a new product AN ERROR HAS OCCURED! LAST ACTION : INSERT categories.php?cPath=1&error=INSERT Everything appears to be setup correctly, I am able to add categories, and manufacturers, change all other settings, just not add products from the admin. Any help would be greatly appreciated.
Xanatos Posted October 24, 2002 Author Posted October 24, 2002 Well I found the problem. There appears to be no error handling on special characters like ' and ", so I have to manually put in ' or " to get them in. I also am kinda annoyed that I have to put in <br /> for line breaks. Are string_replaces going to be implemented for carrage returns and special characters, so I don't have to modify my descriptions by hand?
Jan0815 Posted October 24, 2002 Posted October 24, 2002 Big question. The product description field is designed to accept HTML. If you want to change that behaviour we will run in some problems. How can we decide if the entered text is HTML or not? You can't have everything. That's why trains have difficulty crossing oceans, and hippos did not adapt to fly. -- from the OpenBSD mailinglist.
burt Posted October 24, 2002 Posted October 24, 2002 Are string_replaces going to be implemented for carrage returns and special characters, so I don't have to modify my descriptions by hand? www.php.net/nl2br www.php.net/addslashes Have a go at re-writing the code, and then contribute it...would be a good learning curve.. hth
Xanatos Posted October 24, 2002 Author Posted October 24, 2002 Yeah I know it was taking the HTML (that's why I was able to put in the <br />) I guess I could write a huge string replace script to replace " with " and a CR with <br /> etc etc. Just really don't have time at the moment... The thing is that thigns like single quotes (') mess up the MySQL query, preventing it from being inserted. So to end up getting them in you have to input ` (escape out twice and single quote) so it doesn't hang up on the PHP or MySQL side of things. It's crude, but it works.
Xanatos Posted October 24, 2002 Author Posted October 24, 2002 One thing that you could do is use a case to decide if the character will mess up the MySQL query. Things like ', ", and other miscellaneous characters may end up escaping out of the query, and messing it up. Like the issue I was having. Anytime that case comes along, escape out the character before inserting it into the MySQL Query. For Example SELECT * FROM `foobar` WHERE text_field = "Hi! I'm Text!, and I'm A "quote!""; would change to SELECT * FROM `foobar` WHERE text_field ="Hi! I'm Text!, and I'm A "quote!""; That would prevent the query getting escaped out of, and resolve some errors.
Recommended Posts
Archived
This topic is now archived and is closed to further replies.