-1

I am using MySQL and PHP to save posts into a database. But when I write French or any other characters in the description, it is not saved. Simple text saves perfectly.

This is my connection file:

DEFINE('DATABASE_USER', 'db_user');
DEFINE('DATABASE_PASSWORD', 'db_password');
DEFINE('DATABASE_HOST', 'localhost');
DEFINE('DATABASE_NAME', 'db_name');

date_default_timezone_set('UTC');

ini_set('SMTP', "mail.myt.mu"); // Override the default php.ini settings for sending mail


//This is the address that will appear coming from ( Sender )
define('EMAIL', 'k4baber@hotmail.com');

/*Define the root url where the script will be found such as http://website.com or http://website.com/Folder/ */
DEFINE('WEBSITE_URL', 'http://haitibravo.com');


// Make the connection:
$dbc = @mysqli_connect(DATABASE_HOST, DATABASE_USER, DATABASE_PASSWORD,
    DATABASE_NAME);

if (!$dbc) {
    trigger_error('Could not connect to MySQL: ' . mysqli_connect_error());
}

I also tried mysqli_real_escape_string(): $desc = mysqli_real_escape_string($_REQUEST['description']); but it is not saving at all. The HTML form submits all the information to this file:

if(isset($_REQUEST["submit"])){

        $name = $_REQUEST['name'];
        $category = $_REQUEST['category'];
        $subcategory = $_REQUEST['items'];
        $desc = $_REQUEST['description'];
        $keywords = $_REQUEST['keywords'];
        $address = "NULL";
        $state = "NULL";
        $city = $_REQUEST['city'];
        $zones = $_REQUEST['zones'];
        $country = $_REQUEST['country'];
        $postcode = "0000";
        $phone = $_REQUEST['u_phone'];


        $image_name1 = $_FILES['image1']['name'];
        $image_size1 =$_FILES['image1']['size'];
        $image_tmp1 =$_FILES['image1']['tmp_name'];
        $image_name1='prog'.rand().$image_name1;
        move_uploaded_file($image_tmp1,'add_images/'.$image_name1);



        $image_name2 = $_FILES['image2']['name'];
        $image_size2 =$_FILES['image2']['size'];
        $image_tmp2 =$_FILES['image2']['tmp_name'];
        $image_name2='prog'.rand().$image_name2;
        move_uploaded_file($image_tmp2,'add_images/'.$image_name2);

        $image_name3 = $_FILES['image3']['name'];
        $image_size3 =$_FILES['image3']['size'];
        $image_tmp3 =$_FILES['image3']['tmp_name'];
        $image_name3='prog'.rand().$image_name3;
        move_uploaded_file($image_tmp3,'add_images/'.$image_name3);

        $price = $_REQUEST['price'];
        $date = date('Y-m-d');
        $u_id = $_SESSION['u_id'];
        $u_name= $_SESSION['u_name'];
        $status= "0";
        $flag = "0";
$mysql_query = "INSERT INTO `bravo_ads`(`ad_title`, `ad_category`, `ad_sub_cat`, `ad_description`, `ad_keywords`, `ad_address`, `ad_state`, `ad_city`, `ad_zone`, `ad_country`, `post_code`, `ad_img_1`, `ad_img_2`, `ad_img_3`, `ad_price`, `u_id`, `u_name`, `u_phone`, `ad_date`, `ad_status`, `flag`) VALUES ('$name','$category','$subcategory','$desc','$keywords','$address','$state', '$city', '$zones','$country','$postcode','$image_name1','$image_name2','$image_name3','$price','$u_id','$u_name', '$phone', '$date','$status','$flag')";

        $query_OK = mysqli_query($dbc, $mysql_query);

        if($query_OK){
            $message = '<div class="success"><b>Operation avec success...!</b> Votre produit a bien été posté . Il sera publié après approbation Administrateur</div>';

        }else{

            $message = '<div class="failed"><b>Operation échoué...!</b> Desoler, Votre produit nas pas ete afficher . Quelque chose a mal tourné . Veuillez réessayer plus encore</div>';
        }}

$desc, $name, $keywords: these create issues when I try to save.

Frédéric Hamidi

1 Answer

1

First, always check for errors on your query. To do this, use mysqli_error.

So in your else where you just output failure put in:

printf("Errormessage: %s\n", mysqli_error($dbc));

This will give you a detailed message of what is erring.

As you have stated, this gave you:

You have an error in your SQL syntax; check the manual that corresponds to your MySQL server version for the right syntax to use near 'achat et autres achats en ligne | Bravo Market |Haiti Bravo|HaitBravo Produits' at line 1

Per your provided data as well

The Title (L'homme )
Keywords (L'homme, d'achat)
description (Produits Électroniques, Voitures, Vêtements, Objets de colléction, Bons d'achat et autres achats en ligne )

So the quote in L'homme is ending your encapsulated value, and then MySQL is presuming homme is something it should know.

Since you only escaped the description this didn't help. You need to escape all inputs. A better approach is to use prepared statements.

This error you are encountering also is how SQL injections occur. User data should never be directly inputted into a SQL query.

So to put it all together.

if(isset($_REQUEST["submit"])){

        $name = mysqli_real_escape_string($dbc, $_REQUEST['name']);
        $category = mysqli_real_escape_string($dbc, $_REQUEST['category']);
        $subcategory = mysqli_real_escape_string($dbc, $_REQUEST['items']);
        $desc = mysqli_real_escape_string($dbc, $_REQUEST['description']);
        $keywords = mysqli_real_escape_string($dbc, $_REQUEST['keywords']);
        $address = "NULL";
        $state = "NULL";
        $city = mysqli_real_escape_string($dbc, $_REQUEST['city']);
        $zones = mysqli_real_escape_string($dbc, $_REQUEST['zones']);
        $country = mysqli_real_escape_string($dbc, $_REQUEST['country']);
        $postcode = "0000";
        $phone = mysqli_real_escape_string($dbc, $_REQUEST['u_phone']);


        $image_name1 = $_FILES['image1']['name'];
        $image_size1 =$_FILES['image1']['size'];
        $image_tmp1 =$_FILES['image1']['tmp_name'];
        $image_name1='prog'.rand().$image_name1;
        move_uploaded_file($image_tmp1,'add_images/'.$image_name1);



        $image_name2 = $_FILES['image2']['name'];
        $image_size2 =$_FILES['image2']['size'];
        $image_tmp2 =$_FILES['image2']['tmp_name'];
        $image_name2='prog'.rand().$image_name2;
        move_uploaded_file($image_tmp2,'add_images/'.$image_name2);

        $image_name3 = $_FILES['image3']['name'];
        $image_size3 =$_FILES['image3']['size'];
        $image_tmp3 =$_FILES['image3']['tmp_name'];
        $image_name3='prog'.rand().$image_name3;
        move_uploaded_file($image_tmp3,'add_images/'.$image_name3);

        $price = mysqli_real_escape_string($dbc, $_REQUEST['price']);
        $date = date('Y-m-d');
        $u_id = mysqli_real_escape_string($dbc, $_SESSION['u_id']);
        $u_name= mysqli_real_escape_string($dbc, $_SESSION['u_name']);
        $status= "0";
        $flag = "0";
$mysql_query = "INSERT INTO `bravo_ads`(`ad_title`, `ad_category`, `ad_sub_cat`, `ad_description`, `ad_keywords`, `ad_address`, `ad_state`, `ad_city`, `ad_zone`, `ad_country`, `post_code`, `ad_img_1`, `ad_img_2`, `ad_img_3`, `ad_price`, `u_id`, `u_name`, `u_phone`, `ad_date`, `ad_status`, `flag`) VALUES ('$name','$category','$subcategory','$desc','$keywords','$address','$state', '$city', '$zones','$country','$postcode','" . mysqli_real_escape_string($dbc, $image_name1) . "','" . mysqli_real_escape_string($dbc, $image_name2) . "','" . mysqli_real_escape_string($dbc,  $image_name3) . "','$price','$u_id','$u_name', '$phone', '$date','$status','$flag')";

        $query_OK = mysqli_query($dbc, $mysql_query);

        if($query_OK){
            $message = '<div class="success"><b>Operation avec success...!</b> Votre produit a bien été posté . Il sera publié après approbation Administrateur</div>';

        }else{
            printf("Errormessage: %s\n", mysqli_error($dbc));
            $message = '<div class="failed"><b>Operation échoué...!</b> Desoler, Votre produit nas pas ete afficher . Quelque chose a mal tourné . Veuillez réessayer plus encore</div>';
        }
}
chris85
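The prepared-statement approach the answer recommends, as an added example that is not part of the original answer: every value of the page's `bravo_ads` INSERT is bound as a parameter instead of being escaped and interpolated. `insert_ad()` and `AD_COLUMNS` are hypothetical names, `$dbc` is assumed to be the connection from the question's connection file, and the `utf8mb4` charset is an assumption about the table.

```php
<?php
// Added example (not the answer's code). Assumes the page's bravo_ads table and
// the $dbc connection from the question; insert_ad() and AD_COLUMNS are hypothetical names.
mysqli_report(MYSQLI_REPORT_ERROR | MYSQLI_REPORT_STRICT); // failures throw exceptions

// Column list copied from the page's INSERT; its order is also the bind order.
const AD_COLUMNS = ['ad_title', 'ad_category', 'ad_sub_cat', 'ad_description',
    'ad_keywords', 'ad_address', 'ad_state', 'ad_city', 'ad_zone', 'ad_country',
    'post_code', 'ad_img_1', 'ad_img_2', 'ad_img_3', 'ad_price', 'u_id',
    'u_name', 'u_phone', 'ad_date', 'ad_status', 'flag'];

function insert_ad(mysqli $dbc, array $ad): bool
{
    $values = [];
    foreach (AD_COLUMNS as $col) {
        if (!array_key_exists($col, $ad)) {
            throw new InvalidArgumentException("missing value for $col");
        }
        $values[] = (string) $ad[$col];
    }

    // The SQL text contains only fixed column names and "?" markers.
    $sql = 'INSERT INTO `bravo_ads` (`' . implode('`, `', AD_COLUMNS) . '`) VALUES ('
         . implode(', ', array_fill(0, count(AD_COLUMNS), '?')) . ')';

    $stmt = $dbc->prepare($sql);
    // Values travel separately from the statement, so the quote in "L'homme" is just data.
    $stmt->bind_param(str_repeat('s', count($values)), ...$values);
    $stmt->execute();
    $inserted = ($stmt->affected_rows === 1);
    $stmt->close();
    return $inserted;
}

// Constructed sample row: values quoted in the answer (description shortened),
// with '0' placeholders for the remaining columns.
$ad = array_merge(array_fill_keys(AD_COLUMNS, '0'), [
    'ad_title'       => "L'homme",
    'ad_keywords'    => "L'homme, d'achat",
    'ad_description' => "Bons d'achat et autres achats en ligne",
    'ad_date'        => date('Y-m-d'),
]);

if (isset($dbc) && $dbc instanceof mysqli) {
    $dbc->set_charset('utf8mb4'); // assumption: the table stores utf8mb4 text
    var_dump(insert_ad($dbc, $ad));
}
```

With `MYSQLI_REPORT_STRICT` set, a failed `prepare()` or `execute()` raises `mysqli_sql_exception`, so the error can be logged server-side rather than printed to the visitor.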