I would like to fetch some text with special characters ('´ñ)
from a form in html
. This will go to a codigo.php
that will be in charge of inserting it into a database MySQL
.
The thing is that I've tried a thousand ways to do it and I can't get it to be inserted or picked up... and I don't know what else to do.
Html code:
<head>
<title></title>
<meta http-equiv="content-type" content="text/html; charset=iso-8859-1">
</head>
<body>
<form action="codigo.php" method=POST name=Entrada enctype="multipart/form-data">
<input name="cad" maxlength="5" size="3"/>
<textarea name="text"></textarea>
<input id=enviar type=submit value=Publicar />
</form>
PHP code:
$text=utf8_encode($_POST["text"]);
$cad=utf8_encode($_POST["cad"]);
echo $text." ".$cad; // Imprime sin problemas las variables
$servidor
$usuario
$pass
$bbdd
$conexion=mysqli_connect($servidor,$usuario,$pass,$bbdd) or die ("Error 505 NOT FOUND");
$sql="INSERT into datos ('texto','cadenas') VALUES ('$text','$cad')";
$tabla=mysqli_query($conexion,$sql);
Database:
Both the database and its tables are in latin2_general_ci
.
If your collation is
latin2_general_ci
(ISO 8859-2
, doesn't support neitherñ
nor¡
) then I recommend that all your code work with it and don't use neitherutf8_encode
norutf8_decode
since it won't have any effect:I've added the correct way to avoid SQL failure when characters that can close the query (such as
'
) are received using prepared queries. With this code you will also avoid SQL injection problems .I have also reinforced the code to show the error that a query can cause (in your case it was giving you an SQL syntax error that you were not showing at any time).
Summary and proposed solution
The main problem you suffer from is injecting strings directly into the SQL query, which means that if there are SQL characters in the query (such as the closing string
'
), the SQL query will have a syntax error and will not be executed.To fix this, use prepared queries with
mysqli_prepare()
. If you insist on adding strings directly to SQL, at least usemysqli_real_escape_string()
.The second is related to the strings you have to test. For example, there is no way to encode
¡Caña! to'
(inISO 8859-15
) in the character setISO 8859-2
, appearing insteadĄCańa! to'
.In the string
'´ñ
of your question there is no character´
neither inISO-8859-2
nor inISO-8859-15
, so it will be impossible to store it with said collation or character set.To solve it I recommend that you change everything to
utf-8
(collationutf8_general_ci
) and that both your pages and databases, tables, etc share the same character set. You'll support many more languages, including emoticons and symbols (like ☀, ☎, ☘, ☺, etc), and you won't be limited to just 256 characters (of which only a small portion are actually useful).Here you have a link to the character table of
ISO-8859-2
, and here the one ofISO-8859-15
. You will be able to check the limitation of using either of the two.Database conversion
You will need to run the following SQL queries to change the default database and table collation:
Note that converting from almost any character set to
utf-8
is possible, but the opposite conversion (iso-8859-2
back to, for example) could fail and there could be data loss from using characters that could not be encoded to that set.Modifications in the HTML/PHP
Once the default collation (or character set) of the database and the table is corrected, you can change the character set of the PHP files (not all editors support the latter, I recommend
Atom
,Notepad++
, etc) and make the following changes:With these changes you will have your entire application converted to
utf-8
and therefore support practically any character from any language or special symbol.Adding the accept-charset="utf-8" option to the form.
If
echo
you throw your data correctly, it means that youhtml
are fine, try to change theBD
aIn this way it is working for me, as you indicate that you have the db: