Mysql does not save all characters

Asked

Viewed 247 times

1

I implemented the Ckeditor in my textarea, but it is not saving the data correctly in the BD. The result is like this:

If I write Testing in bold, the result of pure html would be: <p><strong>teste</strong></p>, but what you’re saving in the comic book is pstrongteste/strong/p , i.e., it is removing the <> , some solution?

Change function:

    public function alterar($tabela, Array $dados, $condicoes){

    foreach ($dados as $key => $value) {
       $campos[] = "{$key}='".$value."'";
    }
    $campos = implode(", ", $campos);

    $SQL = " UPDATE `{$tabela}` SET $campos WHERE $condicoes ";

    $resultado = $this->query($SQL);

    return $this->affected_rows;
}

The function that saves the change:

public function alterar_grv(){

    $codigo = $this->post('codigo');

    $data_denuncia = $this->post('data_denuncia');
    $hora_denuncia = $this->post('hora_denuncia');
    $tipo_denuncia = $this->post('tipo_denuncia');
    $tipo_outro = $this->post('tipo_outro');
    $denuncia = $this->post('denuncia');        
    $editado_por = $this->_cod_usuario;

    $valida = new model_valida();


    $denuncia= ("$denuncia");

    //validacoes

    $time = time();

    if($tipo_outro){

        $tipo_denuncia = $this->post('tipo_outro');

    }


        $arraydata = explode("/", $data_denuncia);
        $diamontado = $arraydata[2].'-'.$arraydata[1].'-'.$arraydata[0];
        $data_denuncia = $diamontado;


    $db = new mysql();
    $db->alterar("denuncia", array(
        "data_denuncia"=>"$data_denuncia",
        "hora_denuncia"=>"$hora_denuncia",
        "tipo_denuncia"=>"$tipo_denuncia",
        "denuncia"=>"$denuncia",
        "pdf_denuncia"=>"$denuncia",
        "editado_por"=>"$editado_por"
    ), " codigo='$codigo' ");


    $this->irpara(DOMINIO.$this->_controller.'/detalhes/codigo/'.$codigo);
}

A textarea:

<textarea name="denuncia" type="text" rows="10" cols="80" id="editor1" class="form-control"><?=$data->denuncia?></textarea>

The post functions

 public function get($name){
        if(isset($this->_params[$name])){
            return $this->_params[$name];
        } else {
            return '';
        }
    }

    public function post($name){
        if(isset($_POST[$name])){
            $string = str_replace(array("<", ">", "\\", "//", "#"), "", $_POST[$name]);
            $string = trim($string);
            $string = strip_tags($string);
            $string = (get_magic_quotes_gpc()) ? $string : addslashes($string);
            return trim($string);
        } else {
            return '';
        }
    }
  • What is the code that saves in the database?

  • I put the codes

  • You are sending via ajax ?

  • What is $this->post?

  • I put her function

  • 1

    You are removing the characters < and > in its function post

  • Comment on this function line str_replace(array("<", ">", "\\", "//", "#"), "", $_POST[$name]); and see that this is the problem.

  • it’s like Wellingthon said you’re doing wrong.

Show 4 more comments

2 answers

1


You are using some functions that do exactly what is happening to you give a verified in this fragment!

        $string = str_replace(array("<", ">", "\\", "//", "#"), "", $_POST[$name]);
        $string = trim($string);
        $string = strip_tags($string);
        $string = (get_magic_quotes_gpc()) ? $string : addslashes($string);

1

The correct is for you to use the method htmlentities, it converts all applicable characters into HTML entities.

function post($html){
    return htmlentities($html, ENT_QUOTES);
}

$String = '<p>Hoje é um lindo dia!</p><p>Parece que vai chover amanhã!</p>';

echo post($String);

The above example will return:

&lt;p&gt;Hoje &eacute; um lindo dia!&lt;/p&gt;&lt;p&gt;Parece que vai chover amanh&atilde;!&lt;/p&gt;

See working on ideone.

Reference

Browser other questions tagged

You are not signed in. Login or sign up in order to post.