Joshua F Posted November 24, 2010 Share Posted November 24, 2010 I am making a simple script for my friend that uses mod_rewrite, but for testing I don't use the mod_rewrite link. The page is video.php The extension is ?title= I have having a problem when I type the title with a Single Quote in it('). Example. video.php?title=The-Sorcerer's-Apprentice I have str_replace for the dash(-) to be replaced as a space, so that's not the problem. Here's my code. <?php if($_GET) { $title="{$_GET['title']}"; $title = str_replace('_', ' ', $title); $title = str_replace('-', ' ', $title); if ($list = mysql_query("SELECT * FROM videos WHERE title='". mysql_real_escape_string($title) ."'") or die (mysql_error())); { if(mysql_num_rows($list) > 0){ if (mysql_num_rows($list)) { while($videos=mysql_fetch_array($list)) { ?> <div id="content"> <center><h3><?php echo $videos['title']; ?></h3> <object width="640" height="385"><param name="movie" value="<?php echo $videos['youtubelink']; ?>"></param><param name="allowFullScreen" value="true"></param><param name="allowscriptaccess" value="always"></param><embed src="<?php echo $videos['youtubelink']; ?>" type="application/x-shockwave-flash" allowscriptaccess="always" allowfullscreen="true" width="640" height="385"></embed></object> <br/><br/><a onclick="javascript:history.go(-1)" href="#">Go Back</a> </center> </div> <?php } } } ?> Quote Link to comment Share on other sites More sharing options...
kenrbnsn Posted November 24, 2010 Share Posted November 24, 2010 Where are you having the problem? Quote Link to comment Share on other sites More sharing options...
Joshua F Posted November 25, 2010 Author Share Posted November 25, 2010 It's not loading the information. It just says page not found. Here's the updated code with the error messages. <?php if($_GET) { $title="{$_GET['title']}"; $title = str_replace('_', ' ', $title); $title = str_replace('-', ' ', $title); if ($list = mysql_query("SELECT * FROM videos WHERE title='". mysql_real_escape_string($title) ."'") or die (mysql_error())); { if(mysql_num_rows($list) > 0){ if (mysql_num_rows($list)) { while($videos=mysql_fetch_array($list)) { ?> <div id="content"> <center><h3><?php echo $videos['title']; ?></h3> <object width="640" height="385"><param name="movie" value="<?php echo $videos['youtubelink']; ?>"></param><param name="allowFullScreen" value="true"></param><param name="allowscriptaccess" value="always"></param><embed src="<?php echo $videos['youtubelink']; ?>" type="application/x-shockwave-flash" allowscriptaccess="always" allowfullscreen="true" width="640" height="385"></embed></object> <br/><br/><a onclick="javascript:history.go(-1)" href="#">Go Back</a> </center> </div> <?php } } else { echo 'Page not found.'; } } else { echo 'Page not found.'; } ?> Quote Link to comment Share on other sites More sharing options...
Pikachu2000 Posted November 25, 2010 Share Posted November 25, 2010 I don't see where you connect to the database in that script. Is that done prior to that? Does it work with any other input, and only choke on a word with a single quote? Quote Link to comment Share on other sites More sharing options...
btherl Posted November 25, 2010 Share Posted November 25, 2010 Is the title you're looking for in the database, with the single quote included? Quote Link to comment Share on other sites More sharing options...
Joshua F Posted November 25, 2010 Author Share Posted November 25, 2010 It connects to database from an include at the top of the page. And if I do video.php?title=Prince-of-Persia it works. And, yes it is btherl. Quote Link to comment Share on other sites More sharing options...
btherl Posted November 25, 2010 Share Posted November 25, 2010 Can you please modify your code to indicate how many rows are returned from the sql query. Quote Link to comment Share on other sites More sharing options...
Joshua F Posted November 25, 2010 Author Share Posted November 25, 2010 Can you please modify your code to indicate how many rows are returned from the sql query. If I could do that, I wouldn't have this problem. I think. Quote Link to comment Share on other sites More sharing options...
btherl Posted November 25, 2010 Share Posted November 25, 2010 Ok, add the following code after the query, but before the "if" conditions following the query: print "The query returned " . mysql_num_rows($list) . " rows<br>"; And show us what the script output is. Quote Link to comment Share on other sites More sharing options...
revraz Posted November 25, 2010 Share Posted November 25, 2010 Change the single quote to "'" ? Quote Link to comment Share on other sites More sharing options...
Joshua F Posted November 25, 2010 Author Share Posted November 25, 2010 Ok, add the following code after the query, but before the "if" conditions following the query: print "The query returned " . mysql_num_rows($list) . " rows<br>"; And show us what the script output is. It says it returned 1 row, and displayed it. But now if I go to the mod_rewrite link, it gives the 404 error page. Quote Link to comment Share on other sites More sharing options...
btherl Posted November 25, 2010 Share Posted November 25, 2010 Then I think your problem is with mod_rewrite, not with php. Can you show the code you are using with mod_rewrite? Quote Link to comment Share on other sites More sharing options...
Joshua F Posted November 25, 2010 Author Share Posted November 25, 2010 Then I think your problem is with mod_rewrite, not with php. Can you show the code you are using with mod_rewrite? Here's the code. It works for all of the other without the Single Quote. RewriteEngine on RewriteRule ^video-([a-zA-Z0-9_-]+)\.mfo$ video.php?title=$1 Figured it out was I was typing this, I forgot to make it accept '. Quote Link to comment Share on other sites More sharing options...
Recommended Posts
Join the conversation
You can post now and register later. If you have an account, sign in now to post with your account.