0

I'm very confused with the way Chrome->PHP->SQL Server handles a bullet symbol. It appears that a bullet symbol is intrepreted differently among the three and SQL Server fails to INSERT my string containing a bullet symbol.

Say I have a form that has an input textbox field with maxlength='50' and I'm using chrome to fill it out. I fill out the textbox with a string that's up to 49 characters, plus a bullet symbol. Chrome interprets that as 50 characters and allows me to move on; however, when I submit through PHP to execute my INSERT query with a $_POST['string'] explicitly (without any sanitization/truncation/conversion), SQL Server fails.

SQLSTATE[22001]: [Microsoft][ODBC Driver 11 for SQL Server][SQL Server]String or binary data would be truncated.

I believe it's due to SQL Server interpreting the bullet as more than one character, as opposed to how Chrome interpreted it. What is good practice or a standard rule of thumb to get around this?

Note: I'm running PHP 5.4.24 and SQL Server 2008 R2.

Ben
  • 2,314
  • 1
  • 19
  • 36
theflarenet
  • 642
  • 2
  • 13
  • 27
  • 1
    Ignoring what Chrome thinks for a moment, have you checked on the PHP side (before submitting to the DB) to see what it believes the submitted string length is? – Rob Wilkins Feb 21 '17 at 05:45
  • `maxlength='50'` means up to 50 characters, not 49. – Spoike Feb 21 '17 at 07:20
  • @RobWilkins I've done a strlen("•") and it appears to count it as 3 characters instead of one. Any way around this or is there some kind of conversion I should consider before I insert it in my database table? – theflarenet Feb 22 '17 at 04:36
  • @theflarenet -- this may be an encoding issue. I found a similar issue being discussed on Stack, perhaps it will help -- http://stackoverflow.com/questions/11674531/trying-to-stop-bullets-in-textareas-from-entering-my-database-as-special-charact – Rob Wilkins Feb 25 '17 at 07:24

0 Answers0