Friday, February 27, 2015

Escaping strings in mysqli fetch assoc

I've spent 16 hours easy trying to fix this code our "backend" developer wrote. I do front end, but I've inherited this. This app stores user input and then outputs it from the database. It breaks if there are single or double quotes. I'm near certain it's from this file but I cannot for the life of me figure it out and I'm at the end of my rope trying to fix it.



<?php
include('dbconx.php');

$data = json_decode($_POST['pageData']);

# find entry that matches the currently selected page and get all of its data
//$query = "SELECT * FROM pages WHERE modNum = '0' AND pageNum = '1' AND courseName = 'chum";
$query = "SELECT * FROM pages WHERE modNum = '".$data->{'modNumber'}."' AND pageNum = '".$data->{'pageNumber'}."' AND courseName = '".$data->{'course'}."'";
$result = mysqli_query($db_conx, $query) or die(mysqli_error($db));

//error is ultimately here
while($row = mysqli_fetch_assoc($result)){
// $dataDecoded = json_decode($row['pageData']);
// $dataEncoded = json_encode($dataDecoded);
// echo $dataEncoded;

$dataDecoded = json_decode(real_escape_string($row['pageData']));
$dataEncoded = json_encode($dataDecoded);
echo $dataEncoded;
}
?>

<?php
#close db link
mysqli_close($db_conx);
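
An added example, not part of the original post: the same lookup with bound parameters instead of string concatenation, and with no escaping applied to values read back from the database (`real_escape_string` is not a standalone PHP function, and escaping is for values going into SQL text, not for rows coming out). It assumes `dbconx.php` defines `$db_conx` as a mysqli connection and that `pageData` holds JSON text, and it returns the matching rows as one JSON array rather than echoing each row separately.

```php
<?php
// Added example, not the original poster's code. Assumes dbconx.php defines
// $db_conx (a mysqli connection) and that pages.pageData holds a JSON string.
include('dbconx.php');

mysqli_report(MYSQLI_REPORT_ERROR | MYSQLI_REPORT_STRICT); // throw on DB errors

$data = json_decode($_POST['pageData'] ?? '');
if (!is_object($data) || !isset($data->modNumber, $data->pageNumber, $data->course)) {
    http_response_code(400);
    exit(json_encode(['error' => 'invalid pageData']));
}

// Placeholders keep user input out of the SQL text, so a quote in the
// course name can neither break the statement nor change its meaning.
$stmt = mysqli_prepare(
    $db_conx,
    'SELECT pageData FROM pages WHERE modNum = ? AND pageNum = ? AND courseName = ?'
);
$modNum  = (string) $data->modNumber;   // bind_param needs real variables
$pageNum = (string) $data->pageNumber;
$course  = (string) $data->course;
mysqli_stmt_bind_param($stmt, 'sss', $modNum, $pageNum, $course);
mysqli_stmt_execute($stmt);
$result = mysqli_stmt_get_result($stmt); // requires the mysqlnd driver

$pages = [];
while ($row = mysqli_fetch_assoc($result)) {
    // No escaping on the way out: adding backslashes here would corrupt
    // the stored JSON and make json_decode() return null.
    $decoded = json_decode($row['pageData']);
    if (json_last_error() !== JSON_ERROR_NONE) {
        error_log('pages.pageData is not valid JSON: ' . json_last_error_msg());
        continue;
    }
    $pages[] = $decoded;
}
mysqli_stmt_close($stmt);
mysqli_close($db_conx);

header('Content-Type: application/json');
// JSON_HEX_* keeps quotes and angle brackets inert if the response is
// ever embedded in HTML or an inline script.
echo json_encode($pages, JSON_HEX_TAG | JSON_HEX_APOS | JSON_HEX_QUOT | JSON_HEX_AMP);
```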
