I just moved my php and sql to a different server and am having a strange error. When ever someone tries to input text that has a:( " ' ; - etc.) they get the error: "Incorrect string value: '\x93of th...' for column 'blurb' at row 1" Whenever all of the special characters are taken out it works beautifully. If somone could look at my code and make some suggestions on how to solver this I would greatly appreciate it! I haven't upgraded much so I can't figure out what in my DW code is not working correctly.
<?php require_once('../Connections.php'); ?>
if (!function_exists("GetSQLValueString")) {
function GetSQLValueString($theValue, $theType, $theDefinedValue = "", $theNotDefinedValue = "")
{
if (PHP_VERSION < 6) {
$theValue = get_magic_quotes_gpc() ? stripslashes($theValue) : $theValue;
}
$theValue = function_exists("mysql_real_escape_string") ? mysql_real_escape_string($theValue) : mysql_escape_string($theValue);
switch ($theType) {
case "text":
$theValue = ($theValue != "") ? "'" . $theValue . "'" : "NULL";
break;
case "long":
case "int":
$theValue = ($theValue != "") ? intval($theValue) : "NULL";
break;
case "double":
$theValue = ($theValue != "") ? "'" . doubleval($theValue) . "'" : "NULL";
break;
case "date":
$theValue = ($theValue != "") ? "'" . date("Y-m-d",strtotime($theValue)) . "'" : "NULL";
break;
case "time":
$theValue = ($theValue != "") ? "'" . date("H:i:s",strtotime($theValue)) . "'" : "NULL";
break;
case "datetime":
$theValue = ($theValue != "") ? "'" . date("Y-m-d H:i:s",strtotime($theValue)) . "'" : "NULL";
break;
case "defined":
$theValue = ($theValue != "") ? $theDefinedValue : $theNotDefinedValue;
break;
}
return $theValue;
}
}
$editFormAction = $_SERVER['PHP_SELF'];
if (isset($_SERVER['QUERY_STRING'])) {
$editFormAction .= "?" . htmlentities($_SERVER['QUERY_STRING']);
}
if ((isset($_POST["MM_insert"])) && ($_POST["MM_insert"] == "form1")) {
while(list($key,$v)= each($_FILES)){
echo $key . ": " . $v . "<br>";
$link = $_FILES[$key]['name'];
$link = htmlentities(($link), ENT_QUOTES);
echo $file_name;
}
if($link == "") {
die("Link broke."); }
$editcheck = 0;
if(isset($_POST['editorial']) && $_POST['editorial'] == "1") {
$editcheck = 1;
}
$staffcheck = 0;
if(isset($_POST['staffonly']) && $_POST['staffonly'] == "1") {
$staffcheck = 1;
}
$photocheck = 0;
if(isset($_POST['photo']) && $_POST['photo'] == "1") {
$photocheck = 1;
}
$frontpagecheck = 0;
if(isset($_POST['frontpage']) && $_POST['frontpage'] == "1") {
$frontpagecheck = 1;
}
$starcheck = 0;
$d_month = substr($_POST['today_date'], 0, 2);
$d_day = substr($_POST['today_date'], 2, 2);
$d_year = substr($_POST['today_date'], 4, 2);
$strtime = $d_month . "/" . $d_day . "/" . $d_year;
$fixdate = date("Y-m-d", strtotime($strtime));
$mysql_pubdate = $_POST['pub_yy'] . "-" . $_POST['pub_mm'] . "-" . $_POST['pub_dd'];
if($_POST['source'] == 'ERROR-DONOTPROCESS') {
echo "Oops! You did not select a publication source. <br><br>
If you were trying to enter a source that is not on the list, you must select 'Other' <br>
from the dropdown menu, and then type the name of the publication in the box. If you were <br>
attempting to do something else, you apparently made a mistake -- one that you are unlikely to make again. <br><br>Sorry!";
die();
}
$news_source = $_POST['source']; ## By default, this is what they chose from the drop-down menu.
if($_POST['source'] == 'OTHER') { ## In case they chose the "other" option earlier.
$news_source = $_POST['source_other'];
}
}
if ((isset($_POST["MM_insert"])) && ($_POST["MM_insert"] == "form1")) {
$insertSQL = sprintf("INSERT INTO clips (`date`, clipdate, url, category, `position`, link, datecode, publication, region, htype, mention, editorial, photo, frontpage, staffonly, star, headline, blurb) VALUES (%s, %s, %s, %s, %s, %s, %s, %s, %s, %s, %s, %s, %s, %s, %s, %s, %s, %s)",
GetSQLValueString($mysql_pubdate, "date"),
GetSQLValueString($fixdate, "date"),
GetSQLValueString($_POST['url'], "text"),
GetSQLValueString($_POST['category'], "text"),
GetSQLValueString($_POST['position'], "int"),
GetSQLValueString($link, "text"),
GetSQLValueString($_POST['today_date'], "text"),
GetSQLValueString($news_source, "text"),
GetSQLValueString($_POST['region'], "text"),
GetSQLValueString($_POST['htype'], "int"),
GetSQLValueString($_POST['mention'], "text"),
$editcheck,
$photocheck,
$frontpagecheck,
$staffcheck,
$starcheck,
GetSQLValueString($_POST['headline'], "text"),
GetSQLValueString($_POST['blurb'], "text"));
mysql_select_db($database_wow, $wow);
$Result1 = mysql_query($insertSQL, $wow) or die(mysql_error());
$articleid = mysql_insert_id();
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<meta http-equiv="Content-Type" content="text/html; charset=iso-8859-1">
<title>Add New Articles</title>
| <tr> |
| <td> </td> |
| <td valign="top" class="editz">Blurb:</td> |
| <td valign="top" class="editz"><textarea name="blurb" type="text" cols="45" rows="4" id="blurb"></textarea></td> |
| <td valign="top" class="editz"> </td> |
| </tr> |
| <tr> |
| <td> </td> |
| <td valign="top" class="editz"> </td> |
| <td valign="top" class="editz"> </td> |
| <td valign="top" class="editz"> </td> |
| </tr> |
| <tr> |
| <td> </td> |
| <td valign="top" class="editz">Story Category: </td> |
| <td valign="top" class="editz"><p> |
| <select name="category"> |
| <option value="Uncategorized">Please select a category from the list...</option> |
1
Reply
AdChoices