special characters

Hi all,
really noob on php and for me, as an ESL, sometimes is hard to find/understand manual/tutorial so I’m looking for a little help here.

I have:
.db with some “special characters” records as ", ', ò, à, è and so on… (sql code at the end)
.a search file with a drop-down menu (search.php below), seems works smooth.
.a search result file (search_php below) which make some mess when in the db the field contains special chars.

What happens?
In search.php when a non special chars data is submitted, the search_ac.php result is like:

Billa la 4510000000006
and is ok.

But when in search.php a special chars data is submitted, the search_ac.php result is like:

La c'holla & Co. Warning: mysql_fetch_array() expects parameter 1 to be resource, boolean given in /home/data/www/scripts/ana/005/search_ac.php on line 25
and is not ok.

As far as I understood the problem regards something about the apostrophe " ’ " and mysql_real_escape_string should solve it. In fact, in the insert.php file (not included because 100% working) the below code works great:
[php]$denominazione = mysql_real_escape_string($denominazione);
$sql=“INSERT INTO $tbl_name(pi, cf, denominazione)VALUES(’$pi’, ‘$cf’, ‘$denominazione’)”;
$result=mysql_query($sql);[/php]

Now, the question, could someone help me with this annoying problem? probably I need a mysql_real_escape_string in the line echo $objResult[“cf”]; of search_ac.php. But I don’t understand the correct syntax.

Thank you in advance,

Bactrim

search.php

[php]

Search <? ini_set('display_errors', 1); error_reporting(E_ALL); $host="localhost"; // Host name $username="foo"; // Mysql username $password="bar"; // Mysql password $db_name="anagrafica"; // Database name $tbl_name="anadi"; // Table name

// Connect to server and select database.
mysql_connect("$host", “$username”, “$password”)or die(“cannot connect”);
mysql_select_db("$db_name")or die(“cannot select DB”);
?>

List Menu
<-- Scegli cliente --> <? $strSQL = "SELECT * FROM `anadi` WHERE `id` IS NOT NULL ORDER BY `denominazione` ASC"; $objQuery = mysql_query($strSQL); while($objResult = mysql_fetch_array($objQuery)) { ?> "><?=$objResult["denominazione"]." - ".$objResult["cf"];?> <? } ?> <? mysql_close(); ?> [/php]

search_ac.php

[php]

Search Rs <? ini_set('display_errors', 1); error_reporting(E_ALL); $host="localhost"; // Host name $username="foo"; // Mysql username $password="bar"; // Mysql password $db_name="anagrafica"; // Database name $tbl_name="anadi"; // Table name

// Connect to server and select database.
mysql_connect("$host", “$username”, “$password”)or die(“cannot connect”);
mysql_select_db("$db_name")or die(“cannot select DB”);
?>

<? echo $_POST["denominazione"]; echo "
"; $strSQL = "SELECT * FROM anadi WHERE denominazione = '".$_POST["denominazione"]."' "; $objQuery = mysql_query($strSQL); $objResult = mysql_fetch_array($objQuery); echo $objResult["cf"]; ?> <? mysql_close(); ?>[/php]

SQL

-- phpMyAdmin SQL Dump
-- version 3.4.10.1deb1
-- http://www.phpmyadmin.net
--
-- Host: localhost
-- Generato il: Ago 16, 2013 alle 13:35
-- Versione del server: 5.5.32
-- Versione PHP: 5.3.10-1ubuntu3.7

SET SQL_MODE="NO_AUTO_VALUE_ON_ZERO";
SET time_zone = "+00:00";


/*!40101 SET @OLD_CHARACTER_SET_CLIENT=@@CHARACTER_SET_CLIENT */;
/*!40101 SET @OLD_CHARACTER_SET_RESULTS=@@CHARACTER_SET_RESULTS */;
/*!40101 SET @OLD_COLLATION_CONNECTION=@@COLLATION_CONNECTION */;
/*!40101 SET NAMES utf8 */;

--
-- Database: `anagrafica`
--

-- --------------------------------------------------------

--
-- Struttura della tabella `anadi`
--

CREATE TABLE IF NOT EXISTS `anadi` (
  `id` int(10) unsigned NOT NULL AUTO_INCREMENT,
  `pi` char(11) COLLATE utf8_unicode_ci DEFAULT NULL,
  `cf` char(16) COLLATE utf8_unicode_ci DEFAULT NULL,
  `denominazione` varchar(100) COLLATE utf8_unicode_ci DEFAULT NULL,
  `tipodi` char(2) COLLATE utf8_unicode_ci DEFAULT NULL,
  `cfrl` char(16) COLLATE utf8_unicode_ci DEFAULT NULL,
  `datainsert` timestamp NOT NULL DEFAULT CURRENT_TIMESTAMP ON UPDATE CURRENT_TIMESTAMP,
  `rea` char(7) COLLATE utf8_unicode_ci DEFAULT NULL,
  `reapr` char(2) COLLATE utf8_unicode_ci DEFAULT NULL,
  `sedeluogo` varchar(60) COLLATE utf8_unicode_ci DEFAULT NULL,
  `sedeprov` char(2) COLLATE utf8_unicode_ci DEFAULT NULL,
  `sedestato` varchar(30) COLLATE utf8_unicode_ci DEFAULT NULL,
  `sedecap` char(5) COLLATE utf8_unicode_ci DEFAULT NULL,
  `sedetipovia` varchar(10) COLLATE utf8_unicode_ci DEFAULT NULL,
  `sedeindirizzo` varchar(100) COLLATE utf8_unicode_ci DEFAULT NULL,
  `sedecivico` varchar(6) COLLATE utf8_unicode_ci DEFAULT NULL,
  `mail1` varchar(60) COLLATE utf8_unicode_ci DEFAULT NULL,
  `mailref1` varchar(40) COLLATE utf8_unicode_ci DEFAULT NULL,
  `mail2` varchar(60) COLLATE utf8_unicode_ci DEFAULT NULL,
  `mailref2` varchar(40) COLLATE utf8_unicode_ci DEFAULT NULL,
  `mail3` varchar(60) COLLATE utf8_unicode_ci DEFAULT NULL,
  `mailref3` varchar(40) COLLATE utf8_unicode_ci DEFAULT NULL,
  `tel1` varchar(12) COLLATE utf8_unicode_ci DEFAULT NULL,
  `telref1` varchar(40) COLLATE utf8_unicode_ci DEFAULT NULL,
  `tel2` varchar(12) COLLATE utf8_unicode_ci DEFAULT NULL,
  `telref2` varchar(40) COLLATE utf8_unicode_ci DEFAULT NULL,
  `tel3` varchar(12) COLLATE utf8_unicode_ci DEFAULT NULL,
  `telref3` varchar(40) COLLATE utf8_unicode_ci DEFAULT NULL,
  `fax` varchar(12) COLLATE utf8_unicode_ci DEFAULT NULL,
  `faxref` varchar(40) COLLATE utf8_unicode_ci DEFAULT NULL,
  `cell1` varchar(12) COLLATE utf8_unicode_ci DEFAULT NULL,
  `cellref1` varchar(40) COLLATE utf8_unicode_ci DEFAULT NULL,
  `cell2` varchar(12) COLLATE utf8_unicode_ci DEFAULT NULL,
  `cellref2` varchar(40) COLLATE utf8_unicode_ci DEFAULT NULL,
  `cell3` varchar(12) COLLATE utf8_unicode_ci DEFAULT NULL,
  `cellref3` varchar(40) COLLATE utf8_unicode_ci DEFAULT NULL,
  `pinps` varchar(20) COLLATE utf8_unicode_ci DEFAULT NULL,
  `pinail` varchar(20) COLLATE utf8_unicode_ci DEFAULT NULL,
  `sociocf01` char(16) COLLATE utf8_unicode_ci DEFAULT NULL,
  `sociocf02` char(16) COLLATE utf8_unicode_ci DEFAULT NULL,
  `sociocf03` char(16) COLLATE utf8_unicode_ci DEFAULT NULL,
  `sociocf04` char(16) COLLATE utf8_unicode_ci DEFAULT NULL,
  `sociocf05` char(16) COLLATE utf8_unicode_ci DEFAULT NULL,
  `sociocf06` char(16) COLLATE utf8_unicode_ci DEFAULT NULL,
  `sociocf07` char(16) COLLATE utf8_unicode_ci DEFAULT NULL,
  `sociocf08` char(16) COLLATE utf8_unicode_ci DEFAULT NULL,
  `sociocf09` char(16) COLLATE utf8_unicode_ci DEFAULT NULL,
  `sociocf10` char(16) COLLATE utf8_unicode_ci DEFAULT NULL,
  `sociocf11` char(16) COLLATE utf8_unicode_ci DEFAULT NULL,
  `sociocf12` char(16) COLLATE utf8_unicode_ci DEFAULT NULL,
  `sociocf13` char(16) COLLATE utf8_unicode_ci DEFAULT NULL,
  `sociocf14` char(16) COLLATE utf8_unicode_ci DEFAULT NULL,
  `sociocf15` char(16) COLLATE utf8_unicode_ci DEFAULT NULL,
  `sociocf16` char(16) COLLATE utf8_unicode_ci DEFAULT NULL,
  `sociocf17` char(16) COLLATE utf8_unicode_ci DEFAULT NULL,
  `sociocf18` char(16) COLLATE utf8_unicode_ci DEFAULT NULL,
  `sociocf19` char(16) COLLATE utf8_unicode_ci DEFAULT NULL,
  `sociocf20` char(16) COLLATE utf8_unicode_ci DEFAULT NULL,
  `sociocf21` char(16) COLLATE utf8_unicode_ci DEFAULT NULL,
  `sociocf22` char(16) COLLATE utf8_unicode_ci DEFAULT NULL,
  `sociocf23` char(16) COLLATE utf8_unicode_ci DEFAULT NULL,
  `sociocf24` char(16) COLLATE utf8_unicode_ci DEFAULT NULL,
  `sociocf25` char(16) COLLATE utf8_unicode_ci DEFAULT NULL,
  `sociocf26` char(16) COLLATE utf8_unicode_ci DEFAULT NULL,
  `sociocf27` char(16) COLLATE utf8_unicode_ci DEFAULT NULL,
  `sociocf28` char(16) COLLATE utf8_unicode_ci DEFAULT NULL,
  `sociocf29` char(16) COLLATE utf8_unicode_ci DEFAULT NULL,
  `sociocf30` char(16) COLLATE utf8_unicode_ci DEFAULT NULL,
  `note` mediumtext COLLATE utf8_unicode_ci,
  PRIMARY KEY (`id`),
  UNIQUE KEY `index_pi` (`pi`),
  UNIQUE KEY `index_cf` (`cf`)
) ENGINE=InnoDB  DEFAULT CHARSET=utf8 COLLATE=utf8_unicode_ci AUTO_INCREMENT=17 ;

--
-- Dump dei dati per la tabella `anadi`
--

INSERT INTO `anadi` (`id`, `pi`, `cf`, `denominazione`, `tipodi`, `cfrl`, `datainsert`, `rea`, `reapr`, `sedeluogo`, `sedeprov`, `sedestato`, `sedecap`, `sedetipovia`, `sedeindirizzo`, `sedecivico`, `mail1`, `mailref1`, `mail2`, `mailref2`, `mail3`, `mailref3`, `tel1`, `telref1`, `tel2`, `telref2`, `tel3`, `telref3`, `fax`, `faxref`, `cell1`, `cellref1`, `cell2`, `cellref2`, `cell3`, `cellref3`, `pinps`, `pinail`, `sociocf01`, `sociocf02`, `sociocf03`, `sociocf04`, `sociocf05`, `sociocf06`, `sociocf07`, `sociocf08`, `sociocf09`, `sociocf10`, `sociocf11`, `sociocf12`, `sociocf13`, `sociocf14`, `sociocf15`, `sociocf16`, `sociocf17`, `sociocf18`, `sociocf19`, `sociocf20`, `sociocf21`, `sociocf22`, `sociocf23`, `sociocf24`, `sociocf25`, `sociocf26`, `sociocf27`, `sociocf28`, `sociocf29`, `sociocf30`, `note`) VALUES
(1, '12345678901', '12345678901', 'prova s.a.s. d''ursov', 'sp', 'aaabbb77b22l845q', '2013-08-15 09:51:43', '123456', 'SA', NULL, NULL, NULL, NULL, NULL, NULL, NULL, NULL, NULL, NULL, NULL, NULL, NULL, NULL, NULL, NULL, NULL, NULL, NULL, NULL, NULL, NULL, NULL, NULL, NULL, NULL, NULL, '11223344', '55667788', 'AAABBB77V22L786Z', 'AAABBB77V22L786Z', 'AAABBB77V22L786Z', NULL, NULL, NULL, NULL, NULL, NULL, NULL, NULL, NULL, NULL, NULL, NULL, NULL, NULL, NULL, NULL, NULL, NULL, NULL, NULL, NULL, NULL, NULL, NULL, NULL, NULL, NULL, 'notenotenote'),
(2, '22345678901', '22345678901', 'Bprova s.a.s. d''urso', 'sC', 'Baabbb77b22l845q', '2013-08-15 09:17:49', '234567', 'NA', NULL, NULL, NULL, NULL, NULL, NULL, NULL, NULL, NULL, NULL, NULL, NULL, NULL, NULL, NULL, NULL, NULL, NULL, NULL, NULL, NULL, NULL, NULL, NULL, NULL, NULL, NULL, '22334455', '66778899', 'BBBCCC77V22L786Z', 'CCCBBB77V22L786Z', 'QQQBBB77V22L786Z', NULL, NULL, NULL, NULL, NULL, NULL, NULL, NULL, NULL, NULL, NULL, NULL, NULL, NULL, NULL, NULL, NULL, NULL, NULL, NULL, NULL, NULL, NULL, NULL, NULL, NULL, NULL, 'NONOnotenotenote'),
(3, '99999999922', '99999999992', 'provaupdata dodici', 'sc', 'mlnndr77b22l845r', '2013-08-16 09:41:59', '123456', 'VE', 'Positano', 'SA', 'Italia', '84017', 'Via', 'Mons. Vito Talamo', '69', '[email protected]', 'ref1mail', '[email protected]', 'mail2ref', '[email protected]', 'mail3ref', '89875094', 'telref1', '89875950', 'telref2', '89811509', 'faxxe', NULL, NULL, '115444455', 'cellref1', '22334564', 'cellref2', '33445567', 'cellref3', '56454564', '4648456', NULL, NULL, NULL, NULL, NULL, NULL, NULL, NULL, NULL, NULL, NULL, NULL, NULL, NULL, NULL, NULL, NULL, NULL, NULL, NULL, NULL, NULL, NULL, NULL, NULL, NULL, NULL, NULL, NULL, NULL, 'tante note tante note tante note'),
(4, '4', '4', 'Billa la di sta lla d arca', 'sc', 'Blnndr77b22l845r', '2013-08-16 11:07:25', '234567', 'BZ', 'Posillipo', 'NA', 'Italia', '80100', 'Piazza', 'Mons. Saverio Cinque', '70', '[email protected]', 'ref4mail', '[email protected]', 'mail5ref', '[email protected]', 'mail6ref', '89875094', 'telref4', '89875950', 'telref5', '89811509', 'telref6', '115444455', 'bfaxxe', '225444455', 'cellref4', '33334564', 'cellref5', '55445567', 'cellref6', '666454564', '664648456', NULL, NULL, NULL, NULL, NULL, NULL, NULL, NULL, NULL, NULL, NULL, NULL, NULL, NULL, NULL, NULL, NULL, NULL, NULL, NULL, NULL, NULL, NULL, NULL, NULL, NULL, NULL, NULL, NULL, NULL, 'tante note tante note tante note'),
(5, '10000000004', '10000000004', 'Cilla la di sta 43', 'di', 'Clnndr77b22l845r', '2013-08-16 11:15:02', '444567', 'CA', 'Roma', 'RM', 'Italia', '100', 'Corso', 'Cprons. Saverio Cinque', '71', '[email protected]', 'ref4mail', '[email protected]', 'mail5ref', '[email protected]', 'mail6ref', '89875094', 'telref4', '89875950', 'telref5', '89811509', 'telref6', '115444455', 'bfaxxe', '225444455', 'cellref4', '44444564', 'cellref5', '55445567', 'cellref6', '666454564', '664648456', NULL, NULL, NULL, NULL, NULL, NULL, NULL, NULL, NULL, NULL, NULL, NULL, NULL, NULL, NULL, NULL, NULL, NULL, NULL, NULL, NULL, NULL, NULL, NULL, NULL, NULL, NULL, NULL, NULL, NULL, 'tante note tante note tante note'),
(6, '10000000005', '10000000005', 'Billa la di sta cio 44', 'sc', 'Blnndr77b22l855r', '2013-08-16 11:15:16', '235567', 'BZ', 'Posillipo', 'NA', 'Italia', '80100', 'Piazza', 'Mons. Saverio Cinque', '70', '[email protected]', 'ref5mail', '[email protected]', 'mail5ref', '[email protected]', 'mail6ref', '89875095', 'telref5', '89875950', 'telref5', '89811509', 'telref6', '115555555', 'bfaxxe', '225555555', 'cellref5', '33335565', 'cellref5', '55555567', 'cellref6', '666555565', '665658556', NULL, NULL, NULL, NULL, NULL, NULL, NULL, NULL, NULL, NULL, NULL, NULL, NULL, NULL, NULL, NULL, NULL, NULL, NULL, NULL, NULL, NULL, NULL, NULL, NULL, NULL, NULL, NULL, NULL, NULL, 'tante note tante note tante note'),
(7, '10000000006', '10000000006', 'Billa la 45', 'sc', 'Blnndr77b22l865r', '2013-08-16 11:16:36', '236567', 'BZ', 'Posillipo', 'NA', 'Italia', '80100', 'Piazza', 'Mons. Saverio Cinque', '70', '[email protected]', 'ref6mail', '[email protected]', 'mail5ref', '[email protected]', 'mail6ref', '89875096', 'telref6', '89875950', 'telref5', '89811509', 'telref6', '115666655', 'bfaxxe', '225666655', 'cellref6', '33336566', 'cellref5', '55665567', 'cellref6', '666656566', '666668656', NULL, NULL, NULL, NULL, NULL, NULL, NULL, NULL, NULL, NULL, NULL, NULL, NULL, NULL, NULL, NULL, NULL, NULL, NULL, NULL, NULL, NULL, NULL, NULL, NULL, NULL, NULL, NULL, NULL, NULL, 'tante note tante note tante note'),
(8, '20000000007', '20000000007', 'Billa la 456', 'sc', 'Blnndr77b22l875r', '2013-08-16 11:16:36', '237567', 'BZ', 'Posillipo', 'NA', 'Italia', '80100', 'Piazza', 'Mons. Saverio Cinque', '70', '[email protected]', 'ref7mail', '[email protected]', 'mail5ref', '[email protected]', 'mail6ref', '89875097', 'telref7', '89875950', 'telref5', '89811509', 'telref6', '115777755', 'bfaxxe', '225777755', 'cellref7', '33337567', 'cellref5', '55775567', 'cellref6', '666757567', '667678756', NULL, NULL, NULL, NULL, NULL, NULL, NULL, NULL, NULL, NULL, NULL, NULL, NULL, NULL, NULL, NULL, NULL, NULL, NULL, NULL, NULL, NULL, NULL, NULL, NULL, NULL, NULL, NULL, NULL, NULL, 'tante note tante note tante note'),
(13, '30000000008', '30000000008', 'Billa la 457', 'sc', 'Blnndr77b22l885r', '2013-08-16 11:16:36', '238567', 'BZ', 'Posillipo', 'NA', 'Italia', '80100', 'Piazza', 'Mons. Saverio Cinque', '70', '[email protected]', 'ref8mail', '[email protected]', 'mail5ref', '[email protected]', 'mail6ref', '89875098', 'telref8', '89875950', 'telref5', '89811509', 'telref6', '115888855', 'bfaxxe', '225888855', 'cellref8', '33338568', 'cellref5', '55885567', 'cellref6', '666858568', '668688856', NULL, NULL, NULL, NULL, NULL, NULL, NULL, NULL, NULL, NULL, NULL, NULL, NULL, NULL, NULL, NULL, NULL, NULL, NULL, NULL, NULL, NULL, NULL, NULL, NULL, NULL, NULL, NULL, NULL, NULL, 'tante note tante note tante note'),
(14, '40000000009', '40000000009', 'Billa la 458', 'sc', 'Blnndr77b22l895r', '2013-08-16 11:16:37', '239567', 'BZ', 'Posillipo', 'NA', 'Italia', '80100', 'Piazza', 'Mons. Saverio Cinque', '70', '[email protected]', 'ref9mail', '[email protected]', 'mail5ref', '[email protected]', 'mail6ref', '89875099', 'telref9', '89875950', 'telref5', '89811509', 'telref6', '115999955', 'bfaxxe', '225999955', 'cellref9', '33339569', 'cellref5', '55995567', 'cellref6', '666959569', '669698956', NULL, NULL, NULL, NULL, NULL, NULL, NULL, NULL, NULL, NULL, NULL, NULL, NULL, NULL, NULL, NULL, NULL, NULL, NULL, NULL, NULL, NULL, NULL, NULL, NULL, NULL, NULL, NULL, NULL, NULL, 'tante note tante note tante note'),
(15, '99999999990', '99999999990', 'La provola maggica', NULL, NULL, '2013-08-15 09:52:22', NULL, NULL, NULL, NULL, NULL, NULL, NULL, NULL, NULL, NULL, NULL, NULL, NULL, NULL, NULL, NULL, NULL, NULL, NULL, NULL, NULL, NULL, NULL, NULL, NULL, NULL, NULL, NULL, NULL, NULL, NULL, NULL, NULL, NULL, NULL, NULL, NULL, NULL, NULL, NULL, NULL, NULL, NULL, NULL, NULL, NULL, NULL, NULL, NULL, NULL, NULL, NULL, NULL, NULL, NULL, NULL, NULL, NULL, NULL, NULL, NULL, NULL),
(16, '99999999989', '99999999989', 'La c''holla & Co.', NULL, NULL, '2013-08-16 11:09:13', NULL, NULL, NULL, NULL, NULL, NULL, NULL, NULL, NULL, NULL, NULL, NULL, NULL, NULL, NULL, NULL, NULL, NULL, NULL, NULL, NULL, NULL, NULL, NULL, NULL, NULL, NULL, NULL, NULL, NULL, NULL, NULL, NULL, NULL, NULL, NULL, NULL, NULL, NULL, NULL, NULL, NULL, NULL, NULL, NULL, NULL, NULL, NULL, NULL, NULL, NULL, NULL, NULL, NULL, NULL, NULL, NULL, NULL, NULL, NULL, NULL, NULL);

/*!40101 SET CHARACTER_SET_CLIENT=@OLD_CHARACTER_SET_CLIENT */;
/*!40101 SET CHARACTER_SET_RESULTS=@OLD_CHARACTER_SET_RESULTS */;
/*!40101 SET COLLATION_CONNECTION=@OLD_COLLATION_CONNECTION */;

If I understand what you’re saying… I think you just need to change…

in search_ac.php

[php] $strSQL = “SELECT * FROM anadi WHERE denominazione = '”.$_POST[“denominazione”]."’ "; [/php]

to

[php] $strSQL = “SELECT * FROM anadi WHERE denominazione = '”.mysql_real_escape_string($_POST[“denominazione”])."’";[/php]

THANK YOU SOOOOO MUCH! Afaik I was really near but inverting ’ with " so nothing worked properly.

Solved, thank you again!

Bac

Sponsor our Newsletter | Privacy Policy | Terms of Service