Log in

View Full Version : Easy problem but can't find answer


kau
10-19-2004, 03:06 AM
I have a form.
The form submits data to a PHP document.
The PHP document gets the data like this:

$Article = $_POST["Article"];
$Topic = $_POST["Topic"];
$Subject = $_POST["Subject"];
.......

Then I submit into the database like this:

$sql = "INSERT INTO faq (topic, article, header, name, email, id, display, screen_name, date, IP)
VALUES
('$Topic', '$Article', '$Subject', '$Name', '$Email', $random,'No', '$ScreenName', '$date', '$domain')";
mysql_query(sprintf($sql));


All works well.

Unless I submit this link:
<a href="http://www.jeep.com/wccsapp/universal/J/index.jsp?appStr=wccs&titleStr=Contact+Jeep&familyStr=brand&franchise=J&actionURL=%2Fwccs%2Fbrand_forms%2Fus%2Fwebform.jsp&promotion=null&category=U)http://www.jeep.com/wccsapp/universal/J/index.jsp?appStr=wccs&titleStr=Contact+Jeep&familyStr=brand&franchise=J&actionURL=%2Fwccs%2Fbrand_forms%2Fus%2Fwebform.jsp&promotion=null&category=U">http://www.jeep.com/wccsapp/universal/J/index.jsp?appStr=wccs&titleStr=Contact+Jeep&familyStr=brand&franchise=J&actionURL=%2Fwccs%2Fbrand_forms%2Fus%2Fwebform.jsp&promotion=null&category=U)http://www.jeep.com/wccsapp/universal/J/index.jsp?appStr=wccs&titleStr=Contact+Jeep&familyStr=brand&franchise=J&actionURL=%2Fwccs%2Fbrand_forms%2Fus%2Fwebform.jsp&promotion=null&category=U</a>

Then the $Article variable shows up null and the INSERT statement won't work.

Why?

kau
10-19-2004, 03:18 AM
Also I can submit other links and it works and long, long strings of text and they work.

Just something about that link makes it not work.

Colin F
10-19-2004, 03:48 AM
You should always addslashes() a text before entering it into the database!

kau
10-19-2004, 06:49 PM
Still errors out I tried:
$Article = $_POST["Article"];
$Article = addslashes($Article);