0

I am using this code:

$image = mysqli_real_escape_string($dbc, $res[3][$i]);

Where $res[3][$i] is a url.

Then I store $image in a Mysql DB. But when I retrieve it, it's all messed up with the special characters... (my DB is in utf8).

How can I store a url in mysql and get it back exactly as it was?

Thanks

benoit
  • 1
  • 1
  • 6
  • First, have you verified that the data is truly incorrect in the database, by viewing it with a MySQL client, outside the context of PHP code? It may be inserted incorrectly, or it may be _displayed_ incorrectly by PHP or rendered incorrectly by the browser. It's important to identify where the failure occurs. – Michael Berkowski Apr 24 '17 at 20:36
  • See also [UTF-8 all the way through](http://stackoverflow.com/questions/279170/utf-8-all-the-way-through/279279#279279) – Michael Berkowski Apr 24 '17 at 20:36
  • yes the url is different before the insert and after the select... I don't know why mysqli_real_escape is not working here – benoit Apr 24 '17 at 20:44
  • @benoit Why aren't you using prepared statements? – Barmar Apr 24 '17 at 20:51
  • Actually I am, see below. Thanks for your time! – benoit Apr 24 '17 at 20:56
  • Wait, if you are using `mysqli_prepare()`, then you should _not_ be calling `mysqli_real_escape_string()` on the input values. The act of binding them as parameters in `mysqli_prepare()` precludes escaping. So doing both would result in strings full of `\\` characters – Michael Berkowski Apr 24 '17 at 21:33
  • Without mysqli_real_escape_string(), the result is the same, my url is all messed up anyways.. Do you have any idea? – benoit Apr 25 '17 at 05:51

1 Answers1

-1

Actually I am using prepared statement: $image = mysqli_real_escape_string($dbc, $res[3][$i]); $md5_of_title = md5($title);

        //$query = "INSERT IGNORE INTO scrap (date, journal, section, title, href, teaser, image, md5_of_title) VALUES (?, ?, ?, ?, ?, ?, ?, ?)";

        $query = "INSERT INTO scrap (date, journal, section, title, href, teaser, image, md5_of_title) VALUES (?, ?, ?, ?, ?, ?, ?, ?)";

        $stmt = mysqli_prepare($dbc, $query);

    /*i Integers;
    d Doubles;
    b Blobs;
    s Everything Else;*/

        mysqli_stmt_bind_param($stmt, "ssssssss", date('Y-m-d H:i:s'), $name, $section, $title, $href, $teaser, $image, $md5_of_title);

        mysqli_stmt_execute($stmt);
benoit
  • 1
  • 1
  • 6