php bind_param Forbidden

Asked

Viewed 24 times

0

I need to do the insert of the contents made in the editor summernote.

Only that the bind_param is blocking because the editor generates html content. Example:

<p style="text-align: center; "><b>Titulo</b></p>

Then when I do Submit, this message appears:

Error: Forbidden: You don’t have permission to access /file.php.

How to allow the bind_param allow insertion?

My code:

if ((isset($_POST["form"])) && ($_POST['form'] == "form1")) {
  $rs = $mysqli->prepare("INSERT INTO contratos (nomeContrato, texto, dataModificado) VALUES (?, ?, ?) ");

  $rs->bind_param('sss',
    $_POST['nomeContrato'],
    $_POST['texto'],
    $_POST['dataModificado']
    );

  $rs->execute();


  if ($rs->errno) {
    echo 'Erro: ', $rs->error;
  } else {
    echo "<script>window.location='sucesso.php'</script>";
  }
}
  • What makes you think it’s the bind_param that is blocking access to the file?

  • Because when I send text without any formatting insert works.

  • You can see it in the log file or mysqli_error whether there has been any specific error?

  • I use ini_set('display_errors',1); ini_set('display_startup_erros',1); error_reporting(E_ALL); And nothing shows up.

  • @Andersoncarloswoss if you do not miss the memory, there is a function that modifies tags so that they are sent to mysql, but I do not remember the name. If I remember correctly she puts a backslash \ to override the code.

  • 1

    Tiago, the name of this function is htmlentities

Show 1 more comment
No answers

Browser other questions tagged

You are not signed in. Login or sign up in order to post.