|
|
|
|
Thread title: Inserting Arabic in Mysql by php form problem |
|
|
|
|
|
Thread tools
Search this thread
Display Modes
|
|
12-26-2009, 11:33 PM
|
#1
|
Status: Junior Member
Join date: Jun 2009
Location:
Expertise:
Software:
Posts: 98
|
Inserting Arabic in Mysql by php form problem
hey,
If i insert the arabic text manually to mysql using PHPMyAdmin then it displays right.
and if i fetch this data into my page it also displays right
But if i insert it to mysql using PHP form then it shows as {Ù…Ø*سن}
I googled a lot and i put all the required stuff as meta tags and choosing the right collation in mysql (UTF8-Unicode) but still shows wrong!
Any solution?
Thanks in advance
|
|
12-27-2009, 12:06 AM
|
#2
|
Status: Request a custom title
Join date: Apr 2007
Location: UK
Expertise: Code & Programming
Software: Coda, TextMate, Sublime 2
Posts: 2,097
|
Is your mysql table UTF8? Sometimes it can be latin, which won't work
|
|
12-27-2009, 12:14 AM
|
#3
|
Status: Junior Member
Join date: Jun 2009
Location:
Expertise:
Software:
Posts: 98
|
Originally Posted by Gaz
Is your mysql table UTF8? Sometimes it can be latin, which won't work
|
my mysql table is utf8_general_ci, and i tried to make it latin and it also not working
i don't what to do
really dude i need to solve this
|
|
12-27-2009, 12:22 AM
|
#4
|
Status: Member
Join date: Mar 2009
Location: Yorkshire
Expertise: Web Development
Software:
Posts: 275
|
Check the mysql connection's character set (login to phpmyadmin and it's displayed on that first page). It's probably not utf8 if you're getting those issues. Also I think there's a few cases where it's best to use utf8_unicode_ci, despite it being *slightly* slower, so perhaps try that. Also check the charset being output in your http headers and your html <head> is utf8.
|
|
12-27-2009, 12:29 AM
|
#5
|
Status: Junior Member
Join date: Jun 2009
Location:
Expertise:
Software:
Posts: 98
|
Originally Posted by 46Bit
Check the mysql connection's character set (login to phpmyadmin and it's displayed on that first page). It's probably not utf8 if you're getting those issues. Also I think there's a few cases where it's best to use utf8_unicode_ci, despite it being *slightly* slower, so perhaps try that. Also check the charset being output in your http headers and your html <head> is utf8.
|
checked also not working,
please more ideas
|
|
12-27-2009, 12:32 AM
|
#6
|
Status: Member
Join date: Mar 2009
Location: Yorkshire
Expertise: Web Development
Software:
Posts: 275
|
Any chance of a live example?
|
|
12-27-2009, 12:55 AM
|
#7
|
Status: Junior Member
Join date: Jun 2009
Location:
Expertise:
Software:
Posts: 98
|
Originally Posted by 46Bit
Any chance of a live example?
|
this is the page for registering people and there is some arabic words so don't be surprised
PHP Code:
<?php include("includes/initialize.php"); ?>
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<meta http-equiv="Content-Type" content="text/html; charset=utf-8" />
<link rel="stylesheet" href="css/style.css" type="text/css" media="screen" />
<title>شارك عربى</title>
</head>
<body>
<?php
if($session->is_logged_in()) {
redirect_to("index.php");
}
if(isset($_POST['submit']))
{
$user_registered = $_POST['user_registered'] = strftime("%Y-%m-%d %H:%M:%S", time());
$user_login = mysql_real_escape_string($_POST['user_login']);
$user_pass = md5($_POST['user_pass']);
$user_re_pass = md5($_POST['user_re_pass']);
$email_address = mysql_real_escape_string($_POST['email_address']);
/*- First process if this user already exist canel the proccing -*/
$getusers = $database->query("SELECT * FROM users WHERE user_login = '".$user_login."'");
if($database->num_rows($getusers) == 1)
{
$error = "<div id='error'>اسم المستخدم موجود لدينا مسبقاً.</div>";
}
elseif(empty( $_POST['user_login'] ) || empty( $_POST['user_pass'] ) || empty( $_POST['user_re_pass']) || empty( $_POST['email_address'] ) )
{
$error = "<div id='error'>رجاء كتابة جميع الحقول</div>";
}
elseif($_POST['user_pass'] != $_POST['user_re_pass'])
{
$error = "<div id='error'>كلمة المرور لم تتابق الاخرى.</div>";
}
elseif(!eregi("^[_a-z0-9-]+(\.[_a-z0-9-]+)*@[a-z0-9-]+(\.[a-z0-9-]+)*(\.[a-z]{2,3})$", $email_address))
{
$error = "<div id='error'>رجاء ادخال البريد الالكترونى صحيح</div>";
}
else
{
$register = users::add_user($user_registered, $user_login, $user_pass, $email_address);
if($register)
{
mkdir('users/'.$_POST['user_login'], 0777);
$congrats = "<div id='congrats'>مبروك, يمكنك الان <a href='login.php'>الدخول</a>";
}
}
}
else{
$user_login = "" ;
$email_address = "" ;
}
?>
<div id="header-outer">
<div id="header-inner">
<h2><a href="index.php">شارك عربى</a></h2>
</div>
</div>
<div id="toplinks">
<div id="toplinks-inside">
<p>ادخل البينات التاليه:</p>
</div>
</div>
<div id="content-inner">
<div id="registry-box">
<?php get_result(); ?>
<form method="post" action="register.php" id="register-form-box">
<table>
<tr style="float:right; clear:both;">
<td><input type="text" id="user_login" name="user_login" class="form" value="<?php echo $user_login; ?>" /></td>
<td><label for="user_login" class="label-style">اسم المستخدم:</label></td>
</tr>
<tr style="float:right; clear:both;">
<td><input type="password" id="password" name="user_pass" class="ltr-form" /></td>
<td><label for="password" class="label-style">كلمة المرور:</label></td>
</tr>
<tr style="float:right; clear:both;">
<td><input type="password" id="user_re_pass" name="user_re_pass" class="ltr-form" /></td>
<td><label for="user_re_pass" class="label-style">تاكيد كلمة المرور:</label></td>
</tr>
<tr style="float:right; clear:both;">
<td><input type="text" id="email_address" name="email_address" class="ltr-form" value="<?php echo $email_address; ?>"/></td>
<td><label for="email_address" class="label-style">البريد الالكترونى:</label></td>
</tr>
<tr style="float:left; clear:both;">
<td><input type="submit" name="submit" value="تسجيل" class="button" /></td>
</tr>
</table>
</form>
</div>
</div>
</body>
</html>
and this is the table with the shit
and this is the page screenshot
if u need more info just tell me what u need
|
|
12-27-2009, 01:26 AM
|
#8
|
Status: Member
Join date: Mar 2009
Location: Yorkshire
Expertise: Web Development
Software:
Posts: 275
|
I suspect your app will have some rather bad vulnerabilities when you've just created a directory with the name entered by a user without any sort of directory traversal/etc prevention. Admittably not the easiest thing to exploit, but it certainly doesn't give any sort of confidence as to the rest of the app.
Anyway, if you're referring to phpmyadmin displays utf8 wrong, I've always had that ... afaik it's normal. If your output script is doing it wrong there's an issue, but if it's just phpmyadmin I think that's normal.
|
|
12-27-2009, 01:45 AM
|
#9
|
Status: Junior Member
Join date: Jun 2009
Location:
Expertise:
Software:
Posts: 98
|
Originally Posted by 46Bit
I suspect your app will have some rather bad vulnerabilities when you've just created a directory with the name entered by a user without any sort of directory traversal/etc prevention. Admittably not the easiest thing to exploit, but it certainly doesn't give any sort of confidence as to the rest of the app.
Anyway, if you're referring to phpmyadmin displays utf8 wrong, I've always had that ... afaik it's normal. If your output script is doing it wrong there's an issue, but if it's just phpmyadmin I think that's normal.
|
u can give me mush good feature about what u mentioned? .
but about the phpmyadmin thing i'll leave it for a while
thanks
|
|
12-27-2009, 01:53 AM
|
#10
|
Status: Member
Join date: Mar 2009
Location: Yorkshire
Expertise: Web Development
Software:
Posts: 275
|
PHP Code:
mkdir('users/'.$_POST['user_login'], 0777);
Guess why that's wrong? If you don't know and/or don't care, you really shouldn't be freelancing. It's certainly not the most critical vulnerability ever, but when file traversal prevention there would be so incredibly easy (just md5, sha1, base64_encode, etc the username) not even requiring any proper validation, it's really just silly and makes me wonder what else there might be elsewhere is in your code.
EDIT: Apologies if you do validation in users::add, I missed that key point when skimming the code but even so I suspect that you don't bearing in mind that you've already done some basic validation of fields in the form above.
|
|
|
|
|
|
|
|
Currently Active Users Viewing This Thread: 1 (0 members and 1 guests)
|
|
|
|