MySql does not save all characters [closed]

1

I've implemented CKeditor in my textarea, but it is not saving the data correctly in the DB. The result looks like this:

If I write Test in bold, the result of the pure html would be: <p><strong>teste</strong></p> , but what you are saving in the BD is pstrongteste/strong/p , ie it is removing the < , any solution?

Change function:

    public function alterar($tabela, Array $dados, $condicoes){

    foreach ($dados as $key => $value) {
       $campos[] = "{$key}='".$value."'";
    }
    $campos = implode(", ", $campos);

    $SQL = " UPDATE '{$tabela}' SET $campos WHERE $condicoes ";

    $resultado = $this->query($SQL);

    return $this->affected_rows;
}

The function that writes the change:

public function alterar_grv(){

    $codigo = $this->post('codigo');

    $data_denuncia = $this->post('data_denuncia');
    $hora_denuncia = $this->post('hora_denuncia');
    $tipo_denuncia = $this->post('tipo_denuncia');
    $tipo_outro = $this->post('tipo_outro');
    $denuncia = $this->post('denuncia');        
    $editado_por = $this->_cod_usuario;

    $valida = new model_valida();


    $denuncia= ("$denuncia");

    //validacoes

    $time = time();

    if($tipo_outro){

        $tipo_denuncia = $this->post('tipo_outro');

    }


        $arraydata = explode("/", $data_denuncia);
        $diamontado = $arraydata[2].'-'.$arraydata[1].'-'.$arraydata[0];
        $data_denuncia = $diamontado;


    $db = new mysql();
    $db->alterar("denuncia", array(
        "data_denuncia"=>"$data_denuncia",
        "hora_denuncia"=>"$hora_denuncia",
        "tipo_denuncia"=>"$tipo_denuncia",
        "denuncia"=>"$denuncia",
        "pdf_denuncia"=>"$denuncia",
        "editado_por"=>"$editado_por"
    ), " codigo='$codigo' ");


    $this->irpara(DOMINIO.$this->_controller.'/detalhes/codigo/'.$codigo);
}

A textarea:

<textarea name="denuncia" type="text" rows="10" cols="80" id="editor1" class="form-control"><?=$data->denuncia?></textarea>

The post functions

 public function get($name){
        if(isset($this->_params[$name])){
            return $this->_params[$name];
        } else {
            return '';
        }
    }

    public function post($name){
        if(isset($_POST[$name])){
            $string = str_replace(array("<", ">", "\", "//", "#"), "", $_POST[$name]);
            $string = trim($string);
            $string = strip_tags($string);
            $string = (get_magic_quotes_gpc()) ? $string : addslashes($string);
            return trim($string);
        } else {
            return '';
        }
    }
    
asked by anonymous 19.09.2017 / 01:46

2 answers

1

You are using some functions that do exactly what is happening to you from the one you see in this snippet!

        $string = str_replace(array("<", ">", "\", "//", "#"), "", $_POST[$name]);
        $string = trim($string);
        $string = strip_tags($string);
        $string = (get_magic_quotes_gpc()) ? $string : addslashes($string);
    
19.09.2017 / 02:09
1

The correct method is you use the htmlentities method, it converts all applicable characters into HTML entities.

function post($html){
    return htmlentities($html, ENT_QUOTES);
}

$String = '<p>Hoje é um lindo dia!</p><p>Parece que vai chover amanhã!</p>';

echo post($String);

The above example will return:

&lt;p&gt;Hoje &eacute; um lindo dia!&lt;/p&gt;&lt;p&gt;Parece que vai chover amanh&atilde;!&lt;/p&gt;

See working at ideone .

Reference

19.09.2017 / 02:18