How to use a string variable that has the special character "#" in a select query statement (MySQL, PHP)

<?php

include('dbLink2.php');


$quizqr = $_GET['quizQR'];
$recordsID1 = $_GET['recordsID1'];
$recordsID2 = $_GET['recordsID2'];

$m_array1=array();
$m_array=array();
    
    $sql = "SELECT quizQR, recordsID FROM `registertestactivity` WHERE (quizQR = '$quizqr' OR recordsID = '$recordsID1' OR recordsID = '$recordsID2') LIMIT 1";
    $result = @mysqli_query($link, $sql) or die();
    
    if (@mysqli_affected_rows($link) > 0) {
    
        while($row = @mysqli_fetch_assoc($result))
        {
            $m_array[]=$row;
        }

    } else {
        
        $m_array1 += ["quizQR" => "NoRecords"];
        $m_array1 += ["recordsID" => "NoRecords"];
                
        $m_array[0] = $m_array1;
        
    }   
        
    echo json_encode($m_array);

@mysqli_free_result($result);
@mysqli_close($link);

?>

Can someone help me out? I have tried mysqli_real_escape_string and it still doesn't work :(

The $quizqr value has a '#' character in the string, and this is the error message that pops up when the AJAX calls this PHP: (error message image)

Answer

Solution:

Because you have a # in the URL, you're dealing with a URL fragment, which means that everything past the # is not available in the query string. PHP offers a flag, PHP_URL_FRAGMENT, for its parse_url() function, which can help you get what you need from the string.

Here is one example using the URL you provided:

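// $url holds the full URL as a string, including the part after the '#'
$fragment = parse_url($url, PHP_URL_FRAGMENT);
echo $fragment;

// Split the fragment into its key=value sections
$fragmentSection = explode('&', $fragment);
print_r($fragmentSection);

// Initialise the result so it is defined even when no section matches
$queryParts = array();
foreach ($fragmentSection as $section) {
    // Keep only sections that contain '=' after at least one character
    if (0 != strpos($section, '=')) {
        // Limit of 2 keeps any '=' inside the value intact
        $sectionParts = explode('=', $section, 2);
        $queryParts[$sectionParts[0]] = $sectionParts[1];
    }
}
print_r($queryParts);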

This ultimately returns two array members which could then be used in your query:

Array
(
    [recordsID1] => records_001
    [recordsID2] => records_002
)

The best thing to do would be to write a function to which you pass the URL to return the elements you need.

Keep in mind that this is not fool-proof. If the URL is in a different format then what I have done here will have to be modified to work as you would like it to.

Additionally you have been given some warnings and guidance in the comments you should follow to keep your code safe and efficient, so I will not repeat them here.
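
The function the answer suggests, written out as an added example (not code from the original post or its answer), together with the question's SELECT as a prepared statement. It goes beyond the answer by also showing the `#` percent-encoded as `%23`; the URLs, the value `QR#42`, and the names `paramsFromUrl` and `findActivity` are assumptions, and `get_result()` requires the mysqlnd driver.

```php
<?php
// Added example, not code from the original post. The URLs and the value
// 'QR#42' are constructed sample input; $link is assumed to be the mysqli
// connection from the question's dbLink2.php.

// Pass in a full URL string, get back the key=value pairs found in its
// query string and in its fragment.
function paramsFromUrl(string $url): array
{
    $params = [];
    foreach ([PHP_URL_QUERY, PHP_URL_FRAGMENT] as $component) {
        $part = parse_url($url, $component);
        if (!is_string($part)) {
            continue; // component absent or URL malformed
        }
        foreach (explode('&', $part) as $section) {
            $pair = explode('=', $section, 2);
            if (count($pair) === 2 && $pair[0] !== '') {
                $params[urldecode($pair[0])] = urldecode($pair[1]);
            }
        }
    }
    return $params;
}

// The question's SELECT with bound parameters instead of interpolated strings,
// so quotes or '#' inside a value cannot change the statement.
// get_result() needs the mysqlnd driver (assumed here).
function findActivity(mysqli $link, string $quizQR, string $id1, string $id2): array
{
    $stmt = $link->prepare(
        'SELECT quizQR, recordsID FROM `registertestactivity`
          WHERE quizQR = ? OR recordsID = ? OR recordsID = ? LIMIT 1'
    );
    $stmt->bind_param('sss', $quizQR, $id1, $id2);
    $stmt->execute();
    return $stmt->get_result()->fetch_all(MYSQLI_ASSOC);
}

// Raw '#': the query string ends at '#', so quizQR is cut short.
$raw = 'http://example.test/quiz.php?quizQR=QR#42&recordsID1=records_001&recordsID2=records_002';
print_r(paramsFromUrl($raw));

// Encoded '#' (%23): the whole value stays in the query string.
$encoded = 'http://example.test/quiz.php?' . http_build_query([
    'quizQR' => 'QR#42', 'recordsID1' => 'records_001', 'recordsID2' => 'records_002',
]);
print_r(paramsFromUrl($encoded));
```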
