[RESOLVED] Title only showing first word once sent to database

Smudly

Users can type in a url in my form, along with a title for that url (anything they want). For the title however, once it is stored into the database, all that is shown is the first word. How can I fix this?

This is what my code looks like:

Code: [Select]
$title = str_replace(' ','%20',$title);

dagon

firstly check if its stored correctly in the db

zypher11

If your going to be using it in the url simply use the urlencode() and urldecode() functions.

How are you submitting the data to the database? what is the type and length of the DB column your putting the title into? and can you post the form and script used to submit the data to the DB

Smudly

Here are the two pages of code. Hopefully this gives a better idea of what is going on.

// sites.php //

<?php
session_start();



$submit = $_POST['submit'];

$title = $_POST['title'];
$title = str_replace(' ','%20',$title);
$url = strip_tags($_POST['url']);
$credits = strip_tags($_POST['credits']);



//////////////////////////////

if ($submit)
{

include('inc/connect.php');

$userid = $_SESSION[userid];




// Check if URL is Valid
if (preg_match("/^(http(s?):\/\/|ftp:\/\/{1})((\w+\.){1,})\w{2,}$/i", $url)) {

          //Check if URL is a Duplicate for current user			
		$results = mysql_query("SELECT * FROM `websites` WHERE `userid`='$userid' AND `url`='$url'");
                    $rows = mysql_num_rows($results);


		if ($rows<=0)
		{

			//mysql_query("INSERT INTO websites VALUES ('','$userid','$url','$credits','','','','$title')") or die("Error submitting url, try again");
                            //echo "Your Site Has Been Submitted";
                            header("Location: confirmsite.php?url=$url&credits=$credits&title=$title");
                            exit();

		}
		else{
			echo "You have already submitted that site";
		}
	}
else {
	echo "Invalid URL";
	}
}

?>
<html>
<head>
<link rel="stylesheet" type="text/css" href="styles/sites.css" />
</head>
<body>

<form action="sites.php" method="POST">
      <div id="sites">
           URL: <input type="text" name="url" value="http://"><br />
           Title: <input type="text" name="title" maxlength="60" value="<?php echo $title ?>"><br />
           Max Views Daily: <input type="text" maxlength="11" name="credits" value="<?php echo $credits ?>"><br />

       <input type="submit" name="submit" value="Submit Site">

  </div>
</form>

</body>
</html>

// confirmsite.php //

<?php
session_start();
$url = $_GET['url'];
$confirm = $_GET['confirm'];
$credits = $_REQUEST['credits'];
$title = $_REQUEST['title'];


if (isset($confirm)){
include('inc/connect.php');

$queryconfirm = mysql_query("INSERT INTO websites VALUES ('','$_SESSION[userid]','$url','$credits','','y','','$title')") or die("Error submitting url, try again");
echo "<meta http-equiv=\"refresh\" content=\"0;url=sites.php\">";
exit;

}


?>

<html>
<head>
<link rel="stylesheet" type="text/css" href="styles/surfbar.css" />
<title>Confirm Website</title>
<script type="text/javascript">

var time = 10;

function startCountdown(){
    var t = setTimeout("countdown()", 1000);
}

function countdown(){
var uRl = "<?php echo $url;?>";
var cRedits = "<?php echo $credits;?>";
var tItle = "<?php echo $title;?>";

--time;
if(time == 0){
    document.getElementById("countdown").innerHTML = "<a href=?confirm&url=<?php echo $url;?>&credits=<?php echo $credits;?>&title=<?php echo $title;?> name=confirm>Confirm</a>";

}else{
    document.getElementById("countdown").innerHTML = time;
    var t = setTimeout('countdown()', 1000);
}
}
</script>

</head>
<body onload="startCountdown();">
<table width="100%" height="100%" cellspacing="0" cellpadding="0" border="0">
<?php

echo "<tr><td style=\"background:#333333;height:80px;border-bottom:#aaaaaa solid 2px;\">";
include('confirmbar.php');
echo "</td></tr>";
?>

<tr><td>
<iframe src="<?php echo $url;?>" width="100%" height="100%" frameborder="0" marginwidth="0" marginheight="0">
  <p>Your browser does not support iframes.</p>
</iframe>
</td></tr>

</table>
</body>

</html>

My Database is as follows:

Database name: websites

Field Type Null Default Comments
id int(11) No
userid int(11) No
url varchar(2083) No
credits int(11) No 0
stats int(11) No 0
active tinytext No
status text No
title varchar(50) No

Thanks

bradgrafelman

As expected, the problem is due to invalid HTML:

"<a href=?confirm&url=<?php echo $url;?>&credits=<?php echo $credits;?>&title=<?php echo $title;?> name=confirm>Confirm</a>";

All attributes' values must be quoted.

EDIT: Also note that whenever you're outputting dynamic information into an HTML document, you should use a function like [man]htmlentities/man so that the data doesn't break your HTML markup.

Smudly

How would I fix that line of code? I'm not sure where the quotes are supposed to go.

This is what I tried:

"<a href=?confirm&url='<?php echo $url;?>'&credits='<?php echo $credits;?>'&title='<?php echo $title;?>' name='confirm'>Confirm</a>";

I'm sure it's wrong. An example of how to fix it would be greatly appreciated

bradgrafelman

The entire attribute needs a quoted value... simple example:

<a href=this value isn't quoted! bad.>oops</a>

verus:

<a href="this value has been quoted!">hooray</a>

Also note that you should be using [man]urlencode/man on any data you're putting into a URL string.

Smudly

Yes!! That fixed it. Thank you very much!

bradgrafelman

Glad we could help. Don't forget to mark this thread resolved (if it is) using the link on the Thread Tools menu above.