Forum Moderators: coopster
I’m admittedly new to php, but was hoping someone could clarify what appears to be a magic quote issue I’m having. I’m attempting to $_post a query to a ‘export to excel’ page, but my query is escaping at the first set of double quotes. Example:
Php_page1->
$query = ‘SELECT * FROM table WHERE first = "something" AND second = “else"’;
<FORM ACTION="exportToExcel.php" METHOD=POST>
<input type="hidden" name="query" value="<?php echo ($query);?>">
<input type="submit" value="Export to Excel">
</form>
Php_page2 exportToExcel.php->
If I do an echo here, yes, you guessed it, my query is now truncated to: SELECT * FROM table WHERE first =
I’ve checked, and Magic quotes gpc is off. Anyone willing to tell me how to get my whole query (including quotes) to page 2? I’m not sure if this is a security issue, but it will only be used in a work environment, so not really worried about hackers (would be nice to know how to do it the ‘right’ way, though =)
p.s. there’s a good tutorial for exporting to excel here…
[phpfreaks.com...]
Try using apostrophes and removing the double quotes. Like this:
$query = "SELECT * FROM table WHERE first = 'something' AND second = 'else'";
dc
Dreamcatcher, with a little bit of fiddling, your solution worked. Switching out the double quotes allowed the $_post to work properly, but I had to do a str_replace to switch them back for BinaryStar's excel export script to function.
I'm sure it's possible to re-write the export code to avoid the str_replace, but I'm just happy it's finally doing what I expect!
NomikOS, thanks for the good tips! I appreciate you taking the time to help clarify the magic quote mystery =)
Cheers!
dc
[webmasterworld.com...]
especially coopster's enlightening messages
