Ravens PHP Scripts: Forums
 

 

View next topic
View previous topic
Post new topic   Reply to topic    Ravens PHP Scripts And Web Hosting Forum Index -> PHP
Author Message
hicuxunicorniobestbuildpc
Life Cycles Becoming CPU Cycles


Joined: Aug 13, 2009
Posts: 967
Location: Netherland

PostPosted: Sun Oct 05, 2014 6:19 am Reply with quote

I have this line

Code:
$string=" WHERE news_cat='$catid' AND news_title LIKE '%$searchnews%'";


I converted like this

Code:
$string = ' WHERE `news_cat` = \'' . $catid . '\' AND `news_title` LIKE '%$searchnews%'';
This one doesn't work

Code:
$string = ' WHERE `news_cat` = \'' . $catid . '\' AND `news_title` LIKE '"%$searchnews%"';
This one doesn't work neither.

I wonder why. Is there anything am I doing wrong? What is the correct answer?

The problem is solved

I made it like this.

Code:
$string = ' WHERE `news_cat` = \'' . $catid . '\' AND `news_title` LIKE \'%' . $searchnews . '%\'';
 
View user's profile Send private message Visit poster's website
djmaze
Subject Matter Expert


Joined: May 15, 2004
Posts: 719
Location: http://tinyurl.com/5z8dmv

PostPosted: Sun Oct 05, 2014 7:03 am Reply with quote

Why convert it anyway?
 
View user's profile Send private message Visit poster's website
hicuxunicorniobestbuildpc
PostPosted: Sun Oct 05, 2014 7:23 am Reply with quote

because of many typo errors and validation errors I still get with multiheadlines modules. I guess I am the only one who cares about it.

Take a look at what I did already.
Only registered users can see links on this board! Get registered or login!

I fixed this part as well and everything has been converted to single quotes to get a clean file

Code:
function RSSAd(){

   global $db, $prefix, $conf, $user, $module_name;
   if (($conf["anonsubmit"]=="submit") || (is_user($user))) {
      $url=check_html($_POST["submitURL"], "nohtml");
      $titlesite=check_html($_POST["titlesite"], "nohtml");
      $cat=intval($_POST["select_categ"]);
      OpenTable();
      if (($url=='') || ($titlesite=='') || ($cat==-1)) {
         echo '<center><b>'._MH_SUBMERROR.'</b></center>';
      } else {
         echo '<center><b>'._MH_SUCCESRSSSUB.'</b></center>';
      }
      CloseTable();
      OpenTable();
      if ($url=='') {
         echo _MH_INVALIDURL.'<br /><br /><a href="javascript:history.go(-1)">'._MH_GOBACK.'</a>'._MH_CHANGEIT;
      } elseif ($titlesite=='') {
         echo _MH_PLENTTIT.'<br /><br /><a href="javascript:history.go(-1)">'._MH_GOBACK.'</a>'._MH_ENTTITFSITE;
      } elseif ($cat=='-1') {
         echo _MH_PLSELCAT.'<br /><br /><a href="javascript:history.go(-1)">'._MH_GOBACK.'</a>'._MH_ANDSELONE;
      } else {
         $siteurl = ereg_replace("http://","",$url);
         $siteurl = explode("/",$siteurl);
         $site = check_html("http://".$siteurl[0], "nohtml");
         $db->sql_query("INSERT INTO ".$prefix."_multiheadlines_urls (urls_title, urls_site, urls_url, urls_image, urls_categ, urls_active)   VALUES ('".mysql_real_escape_string($titlesite)."', '".mysql_real_escape_string($site)."', '".mysql_real_escape_string($url)."', '', '".intval($cat)."', '0')");   
         echo _MH_THANKYOUSUB.'<br /><br /><center><a href="modules.php?name='.$module_name.'&amp;rss=ShowCateg">'._MH_DONE.'</a></center>';
      }
      CloseTable();
   }
}


NEW ONE with Single Quotes and using mysqli

Code:
function RSSAd(){

  global $db, $prefix, $conf, $user, $module_name;
  if (($conf['anonsubmit'] == 'submit') || (is_user($user))) {
    $url = stripslashes(check_html($_POST['submitURL'], 'nohtml'));
    $titlesite=stripslashes(check_html($_POST['titlesite'], 'nohtml'));
    $cat = stripslashes(check_html($_POST['select_categ'], 'nohtml'));
    OpenTable();
    if (($url == '') || ($titlesite == '') || ($cat == '1')) {
      echo '<div class="text-center"><b>' , _MH_SUBMERROR , '</b></div>';
    } else {
      echo '<div class="text-center"><b>' , _MH_SUCCESRSSSUB , '</b></div>';
    }
    CloseTable();
    OpenTable();
    if ($url == '') {
      echo '' , _MH_INVALIDURL , '<br /><br /><a href="javascript:history.go(-1)">' , _MH_GOBACK , '</a>' , _MH_CHANGEIT;
    } elseif ($titlesite == '') {
      echo _MH_PLENTTIT , '<br /><br /><a href="javascript:history.go(-1)">' , _MH_GOBACK , '</a>' , _MH_ENTTITFSITE;
    } elseif ($cat == '1') {
      echo _MH_PLSELCAT , '<br /><br /><a href="javascript:history.go(-1)">' , _MH_GOBACK , '</a>' , _MH_ANDSELONE;
    } else {
      $siteurl = preg_replace('~http://~','',$url);
      $siteurl = explode('/',$siteurl);
      $site = stripslashes(check_html("http://".$siteurl[0], "nohtml"));
      $row = $db->sql_fetchrow($db->sql_query('SELECT * FROM `' . $prefix . '_multiheadlines_categ` WHERE `categ_title` = \'' . $cat . '\''));
      $catid=intval($row['categ_id']);
      $db->sql_query("INSERT INTO ".$prefix."_multiheadlines_urls (urls_title, urls_site, urls_url, urls_image, urls_categ, urls_active)   VALUES ('".$db->sql_escape_string($titlesite)."', '".$db->sql_escape_string($site)."', '".$db->sql_escape_string($url)."', '', '".intval($cat)."', '0')");
      echo _MH_THANKYOUSUB , '<br /><br /><div class="text-center"><a href="modules.php?name=' , $module_name , '&amp;rss=ShowCateg">' , _MH_DONE , '</a></div>';
    }
    CloseTable();
  }
}
 
neralex
The Mouse Is Extension Of Arm


Joined: Aug 22, 2007
Posts: 1328
Location: Germany

PostPosted: Sun Oct 05, 2014 12:20 pm Reply with quote

Yes you are the only one! lol
 
View user's profile Send private message
Display posts from previous:       
Post new topic   Reply to topic    Ravens PHP Scripts And Web Hosting Forum Index -> PHP

View next topic
View previous topic
You cannot post new topics in this forum
You cannot reply to topics in this forum
You cannot edit your posts in this forum
You cannot delete your posts in this forum
You cannot vote in polls in this forum
You can attach files in this forum
You can download files in this forum


Powered by phpBB © 2001-2007 phpBB Group
All times are GMT - 6 Hours
 
Forums ©