Error writing to database with % char from a post variable.
Posted: 27 October 2011 12:28 AM
Joined: 2010-10-03
3 posts

Hello,

I’m working on a project that creates CMS-like pages.

But when the data includes a % char, CodeIgniter writes it to the database in a buggy way.

For example:

HTML Part

<form name="myform" action="cms/save" method="post">
<textarea name="mytext">here is some discount 50 off</textarea>
<input type="submit" value="Send">
</form>

(Here I can’t write the original text because the forum can’t save it as required either. The original text must be without a space between % and 50.)

cms.php :

<?

....

function save(){

    $this->db->query("update mycms set mytext=?", $this->input->post('mytext'));

}

......
?>

The query works great, but it saves the text to the database like this: “here is some discount P off”.
The % char and the numbers are changing. I don’t know why this occurs.

The same error on the forum too, I have noticed that while I was previewing my post. You can check it too. Try to reply by writing “% 50” without space between % and 50.

Do you have an idea about this?

 
Posted: 27 October 2011 12:58 AM   [ # 1 ]   [ Rating: 0 ]
Joined: 2009-02-19
4326 posts

Hmm, try:

$this->db->query("update mycms set mytext=?", html_entity_decode($this->input->post('mytext')));
 
Posted: 27 October 2011 07:11 AM   [ # 2 ]   [ Rating: 0 ]
Joined: 2010-10-03
3 posts

No, this didn’t work for me; there is the same problem.

 
Posted: 27 October 2011 09:31 PM   [ # 3 ]   [ Rating: 0 ]
Joined: 2010-10-03
3 posts

It is so interesting.

The problem is not about the database.

It is about the form validation class and the security class.

This problem occurs after form validation because form validation runs the xss_clean() function from the Security class.

The $str = rawurldecode($str); line causes this problem.

This error occurs if I use xss_clean option in form_validation.php
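
The behaviour identified in the last post, as an added example that is not part of the thread and not CodeIgniter's own code: a URL-decode pass over free text rewrites every "%" followed by two hex digits, so "%50" becomes "P". The helper names and sample strings are constructed for illustration; the last function shows the usual alternative of storing the text unmodified (through the query binding already used above) and escaping it only when it is printed.

```php
<?php
// Added illustration; not CodeIgniter's code. Sample strings are constructed.

// The decode step named in the post above: any "%" followed by two hex digits
// is treated as a URL escape and replaced by the byte it encodes.
function decode_pass(string $text): string
{
    return rawurldecode($text);
}

// Hypothetical helper: map each sequence in $text that a decode pass would
// rewrite to the character it turns into.
function mangled_sequences(string $text): array
{
    preg_match_all('/%[0-9a-fA-F]{2}/', $text, $m);
    $out = [];
    foreach ($m[0] as $seq) {
        $out[$seq] = rawurldecode($seq);
    }
    return $out;
}

// Escape at output time instead of rewriting the stored value.
function render(string $stored): string
{
    return htmlspecialchars($stored, ENT_QUOTES, 'UTF-8');
}

$samples = [
    'here is some discount %50 off',  // "%50" is the URL escape for "P"
    'save 100% today',                // "% t" is not an escape, left alone
    '%3Cb%3E20%25 off%3C/b%3E',       // decodes to markup
];

foreach ($samples as $s) {
    printf("input   : %s\n", $s);
    printf("decoded : %s\n", decode_pass($s));
    printf("rewrites: %s\n", json_encode(mangled_sequences($s)));
    printf("rendered: %s\n\n", render($s));
}
```

Run from the command line, the first sample prints the "discount P off" text reported in the thread, while the rendered line keeps "%50" intact.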