I was reading online that turning off magic quotes is the easy answer to a lot of escapes characters being added in the database like:
Email: href="\"\"\\"\\\\"\\\\\\\\"\\\\\\\\\\\\\\\\"\\\\
So I used a htaccess to turn off magic quotes: php_flag magic_quotes_gpc Off
The issue is that it completely broke my web page, the divs are merged, things are totally broken.
I know it's been asked a lot on this forum but I can't get the syntax right, this is what I have used in my save.php
<?php
include("db.php");
$content1 = $_POST['content1']; //get posted data
$content1 = mysql_real_escape_string($content1); //escape string
$content2 = $_POST['content2']; //get posted data
$content2 = mysql_real_escape_string($content2); //escape string
$content3 = $_POST['content3']; //get posted data
$content3 = mysql_real_escape_string($content3); //escape string
$content4 = $_POST['content4']; //get posted data
$content4 = mysql_real_escape_string($content4); //escape string
$content5 = $_POST['content5']; //get posted data
$content5 = mysql_real_escape_string($content5); //escape string
$content6 = $_POST['content6']; //get posted data
$content6 = mysql_real_escape_string($content6); //escape string
$content7 = $_POST['content7']; //get posted data
$content7 = mysql_real_escape_string($content7); //escape string
$content8 = $_POST['content8']; //get posted data
$content8 = mysql_real_escape_string($content8); //escape string
$content9 = $_POST['content9']; //get posted data
$content9 = mysql_real_escape_string($content9); //escape string
$content10 = $_POST['content10']; //get posted data
$content10 = mysql_real_escape_string($content10); //escape string
$content11 = $_POST['content11']; //get posted data
$content11 = mysql_real_escape_string($content11); //escape string
$content12 = $_POST['content12']; //get posted data
$content12 = mysql_real_escape_string($content12); //escape string
$content13 = $_POST['content13']; //get posted data
$content13 = mysql_real_escape_string($content13); //escape string
$content14 = $_POST['content14']; //get posted data
$content14 = mysql_real_escape_string($content14); //escape string
$content15 = $_POST['content15']; //get posted data
$content15 = mysql_real_escape_string($content15); //escape string
$content16 = $_POST['content16']; //get posted data
$content16 = mysql_real_escape_string($content16); //escape string
$content17 = $_POST['content17']; //get posted data
$content17 = mysql_real_escape_string($content17); //escape string
$content18 = $_POST['content18']; //get posted data
$content18 = mysql_real_escape_string($content18); //escape string
$content19 = $_POST['content19']; //get posted data
$content19 = mysql_real_escape_string($content19); //escape string
$content20 = $_POST['content20']; //get posted data
$content20 = mysql_real_escape_string($content20); //escape string
$content21 = $_POST['content21']; //get posted data
$content21 = mysql_real_escape_string($content21); //escape string
$sql = "UPDATE content SET text = LTRIM('$content1' WHERE element_id = '1') ";
mysql_query($sql);
$sql = "UPDATE content SET text = LTRIM('$content2' WHERE element_id = '2') ";
mysql_query($sql);
$sql = "UPDATE content SET text = LTRIM('$content3' WHERE element_id = '3') ";
mysql_query($sql);
$sql = "UPDATE content SET text = LTRIM('$content4' WHERE element_id = '4') ";
mysql_query($sql);
$sql = "UPDATE content SET text = LTRIM('$content5' WHERE element_id = '5') ";
mysql_query($sql);
$sql = "UPDATE content SET text = LTRIM('$content6' WHERE element_id = '6') ";
mysql_query($sql);
$sql = "UPDATE content SET text = LTRIM('$content7' WHERE element_id = '7') ";
mysql_query($sql);
$sql = "UPDATE content SET text = LTRIM('$content8' WHERE element_id = '8') ";
mysql_query($sql);
$sql = "UPDATE content SET text = LTRIM('$content9' WHERE element_id = '9') ";
mysql_query($sql);
$sql = "UPDATE content SET text = LTRIM('$content10' WHERE element_id = '10') ";
mysql_query($sql);
$sql = "UPDATE content SET text = LTRIM('$content11' WHERE element_id = '11') ";
mysql_query($sql);
$sql = "UPDATE content SET text = LTRIM('$content12' WHERE element_id = '12') ";
mysql_query($sql);
$sql = "UPDATE content SET text = LTRIM('$content13' WHERE element_id = '13') ";
mysql_query($sql);
$sql = "UPDATE content SET text = LTRIM('$content14' WHERE element_id = '14') ";
mysql_query($sql);
$sql = "UPDATE content SET text = LTRIM('$content15' WHERE element_id = '15') ";
mysql_query($sql);
$sql = "UPDATE content SET text = LTRIM('$content16' WHERE element_id = '16') ";
mysql_query($sql);
$sql = "UPDATE content SET text = LTRIM('$content17' WHERE element_id = '17') ";
mysql_query($sql);
$sql = "UPDATE content SET text = LTRIM('$content18' WHERE element_id = '18') ";
mysql_query($sql);
$sql = "UPDATE content SET text = LTRIM('$content19' WHERE element_id = '19') ";
mysql_query($sql);
$sql = "UPDATE content SET text = LTRIM('$content20' WHERE element_id = '20') ";
mysql_query($sql);
$sql = "UPDATE content SET text = LTRIM('$content21' WHERE element_id = '21') ";
mysql_query($sql);
------ UPDATE ----
Ok so I have scraped the above lengthy code, and this is what i am left in my save.php:
<?php
include("db.php");
for ($i = 1; $i < 21; $i++) {
$content = $_POST['content' . $i]; //get posted data
$content = mysql_real_escape_string($content); //escape string
$sql = "UPDATE content SET text = LTRIM('$content' WHERE element_id = $i)";
mysql_query($sql);
}
if (mysql_query($sql))
{
echo 1;
}
?>
However...It is not saving anymore, anyone can see a syntax error?
----- NEW UPDATE -----
Could it be that my ajax save.js needs updating?? Hence the Reason why I am getting an error save to DB, after I had updated the save.php with the "for" loop? Please see below code for save.js
$("#save").click(function (e) {
var content1 = $('.editable1').html();
var content2 = $('.editable2').html();
var content3 = $('.editable3').html();
var content4 = $('.editable4').html();
var content5 = $('.editable5').html();
var content6 = $('.editable6').html();
var content7 = $('.editable7').html();
var content8 = $('.editable8').html();
var content9 = $('.editable9').html();
var content10 = $('.editable10').html();
var content11 = $('.editable11').html();
var content12 = $('.editable12').html();
var content13 = $('.editable13').html();
var content14 = $('.editable14').html();
var content15 = $('.editable15').html();
var content16 = $('.editable16').html();
var content17 = $('.editable17').html();
var content18 = $('.editable18').html();
var content19 = $('.editable19').html();
var content20 = $('.editable20').html();
var content21 = $('.editable21').html();
$.ajax({
url: 'save.php',
type: 'POST',
data: {
content1: content1,
content2: content2,
content3: content3,
content4: content4,
content5: content5,
content6: content6,
content7: content7,
content8: content8,
content9: content9,
content10: content10,
content11: content11,
content12: content12,
content13: content13,
content14: content14,
content15: content15,
content16: content16,
content17: content17,
content18: content18,
content19: content19,
content20: content20,
content21: content21
},
success:function (data) {
if (data == '1')
{
$("#status")
.addClass("success")
.html("Data saved successfully")
.fadeIn('fast')
.delay(3000)
.fadeOut('slow');
}
else
{
$("#status")
.addClass("error")
.html("An error occured, the data could not be saved")
.fadeIn('fast')
.delay(3000)
.fadeOut('slow');
}
}
});
});
