getcsv error

I have a script which uploads csv data into a database. This works well
and has worked in every instance so far. However what I am noticing is
that today, even if I escape the data before putting it into mysql it
will not enter a line if it has a single quote, once I take out the
single quote it enters it into the database so I know it is the single
quote, is this an error or are single quotes not allowed in csv...?


--
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php

Re: getcsv error

Brian Hazelton wrote:
> I have a script which uploads csv data into a database. This works
> well and has worked in every instance so far. However what I am
> noticing is that today, even if I escape the data before putting it
> into mysql it will not enter a line if it has a single quote, once I
> take out the single quote it enters it into the database so I know it
> is the single quote, is this an error or are single quotes not allowed
> in csv...?
>
>
I figured out part of the problem. The problem lies with one of my
functions for cleaning the data before putting it into the database. I
have a function, see below, that will clean the data to put into mysql
and work whether magic quotes is on or off. It is not working because I
echo the query and the part I need escaped is not being escaped. I try
mysql_real_escape_string and it is being escaped by that so I think the
problem is something with my function, if anyone can help that would be
appreciated.

function clean($str){
if(get_magic_quotes_gpc()){
stripslashes($str);
mysql_real_escape_string($str);
return $str;
}
else{
mysql_real_escape_string($str);
return $str;
}
}



$name = 'O'Leksy';
$cleaned_name = clean($name);

echo of $cleaned name = O'Leksy';
if mysql_real_escape_string is used it echoes O\'Leksy';


--
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php

Re: getcsv error

Brian Hazelton wrote:
> Brian Hazelton wrote:
>> I have a script which uploads csv data into a database. This works
>> well and has worked in every instance so far. However what I am
>> noticing is that today, even if I escape the data before putting it
>> into mysql it will not enter a line if it has a single quote, once I
>> take out the single quote it enters it into the database so I know it
>> is the single quote, is this an error or are single quotes not
>> allowed in csv...?
>>
>>
> I figured out part of the problem. The problem lies with one of my
> functions for cleaning the data before putting it into the database. I
> have a function, see below, that will clean the data to put into mysql
> and work whether magic quotes is on or off. It is not working because
> I echo the query and the part I need escaped is not being escaped. I
> try mysql_real_escape_string and it is being escaped by that so I
> think the problem is something with my function, if anyone can help
> that would be appreciated.
>
> function clean($str){
> if(get_magic_quotes_gpc()){
> stripslashes($str);
> mysql_real_escape_string($str);
> return $str;
> }
> else{
> mysql_real_escape_string($str);
> return $str;
> }
> }
>
>
>
> $name = 'O'Leksy';
> $cleaned_name = clean($name);
>
> echo of $cleaned name = O'Leksy';
> if mysql_real_escape_string is used it echoes O\'Leksy';
>
>
Sorry for all of the posts. I got it figured out, it was just me being
stupid. Since this data isnt coming from get, post or cookies then
calling this function will still work but no slashes are getting added
so when the stripslashes function is called it returns an error and will
not continue to work because it does not return the string on error.

--
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php

Re: getcsv error

Brian Hazelton wrote:
> Brian Hazelton wrote:
>> Brian Hazelton wrote:
>>> I have a script which uploads csv data into a database. This works
>>> well and has worked in every instance so far. However what I am
>>> noticing is that today, even if I escape the data before putting it
>>> into mysql it will not enter a line if it has a single quote, once I
>>> take out the single quote it enters it into the database so I know
>>> it is the single quote, is this an error or are single quotes not
>>> allowed in csv...?
>>>
>>>
>> I figured out part of the problem. The problem lies with one of my
>> functions for cleaning the data before putting it into the database.
>> I have a function, see below, that will clean the data to put into
>> mysql and work whether magic quotes is on or off. It is not working
>> because I echo the query and the part I need escaped is not being
>> escaped. I try mysql_real_escape_string and it is being escaped by
>> that so I think the problem is something with my function, if anyone
>> can help that would be appreciated.
>>
>> function clean($str){
>> if(get_magic_quotes_gpc()){
>> stripslashes($str);
>> mysql_real_escape_string($str);
>> return $str;
>> }
>> else{
>> mysql_real_escape_string($str);
>> return $str;
>> }
>> }
>>
>>
>>
>> $name = 'O'Leksy';
>> $cleaned_name = clean($name);
>>
>> echo of $cleaned name = O'Leksy';
>> if mysql_real_escape_string is used it echoes O\'Leksy';
>>
>>
> Sorry for all of the posts. I got it figured out, it was just me being
> stupid. Since this data isnt coming from get, post or cookies then
> calling this function will still work but no slashes are getting added
> so when the stripslashes function is called it returns an error and
> will not continue to work because it does not return the string on error.
>
You'll need to assign the results of stripslashes and
mysql_real_escape_string to $str, otherwise your function will have no
effect and just return the original string.

function clean($str){
if(get_magic_quotes_gpc()){
$str = stripslashes($str);
$str = mysql_real_escape_string($str);
return $str;
}
else{
$str = mysql_real_escape_string($str);
return $str;
}
}

--
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php

Re: getcsv error

Looks like Steve posted the answer so here is something related.
I use the function below to deal with those annoying magic quotes setups.

The function will remove the magically annoying quotes from the POST,
GET, COOKIE and REQUEST arrays. Simply save it to a file and include it
on top of your pages.


//This is here to deal with MagicQuotes source:
//http://usphp.com/manual/en/security.magicquotes.disabling. php

if (get_magic_quotes_gpc()) {
function stripslashes_deep($value)
{
$value = is_array($value) ?
array_map('stripslashes_deep', $value) :
stripslashes($value);

return $value;
}

$_POST = array_map('stripslashes_deep', $_POST);
$_GET = array_map('stripslashes_deep', $_GET);
$_COOKIE = array_map('stripslashes_deep', $_COOKIE);
$_REQUEST = array_map('stripslashes_deep', $_REQUEST);

}
?>


--
John
There's room at the top they are telling you still,
But first you must learn how to smile as you kill,
If you want to be like the folks on the hill...
[John Lennon]

--
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php