php


SQL syntax error with parsed text from html page


I know this problem has been asked many times...I have basics in PHP and Mysql. I'm trying to set up a webpage tracker. I managed to do it using md5 function.
I'd like to go further and see what has changed.
I can parse the link of a webpage. i would like to store it in a database to compare it later with the content of the same page.
Here is my code:
$website = "www.example.com"
$input = file_get_contents($website) or die("Could not access file: $website");
$regexp = "<a\s[^>]*href=(\"??)([^\" >]*?)\\1[^>]*>(.*)<\/a>";
if(preg_match_all("/$regexp/siU", $input, $matches, PREG_SET_ORDER)) {
foreach($matches as $match) {
$final .= $match[3] . "<br>";
}
}
$oldchecksum_text = "INSERT INTO websites (website, hash, text) VALUES ('$website', '$newchecksum', '$final')";
if (mysqli_query($conn, $oldchecksum_text)){
echo "New record created successfully";
} else {
echo "Erreur: " . "<br>" . $conn->error;
}
Basically, everything work...Except the SQL query fails because of a "syntax error on line 1".
The problem comes from the text parsed. If i replace the variable by a word, or a long string of letters, it works perfectly.
I tried to replace ' by ` ...Didn't change anything.
Here are the characteristics of my SQL row:
text/longtext/utf8_general_ci
I don't really know what to do anymore...
Thanks for your help !
The best solution is to use a prepared query:
$oldchecksum_text = "INSERT INTO websites (website, hash, text) VALUES (?, ?, ?)";
$stmt = mysqli_prepare($conn, $oldchecksum_text);
mysqli_stmt_bind_param($stmt, "sss", $website, $newchecksum, $final);
if (mysli_stmt_execute($stmt)) {
echo "New record created successfully";
} else {
echo "Erreur: <br>" . $conn->error;
}
If there's some reason you can't do this, use mysqli_real_escape_string to escape variables before substituting them into a query.
I eventually looked at other methods, and it finally work. I changed the way i parsed the links, maybe this is the key ?
function getLinks($link)
{
/*** return array ***/
$ret = array();
/*** a new dom object ***/
$dom = new domDocument;
/*** get the HTML (suppress errors) ***/
#$dom->loadHTML(file_get_contents($link));
/*** remove silly white space ***/
$dom->preserveWhiteSpace = false;
/*** get the links from the HTML ***/
$links = $dom->getElementsByTagName('a');
/*** loop over the links ***/
foreach ($links as $tag)
{
$ret[$tag->getAttribute('href')] = $tag->childNodes->item(0)->nodeValue;
}
return $ret;
}
/*** a link to search ***/
$link = $website;
/*** get the links ***/
$urls = getLinks($link);
/*** check for results ***/
if(sizeof($urls) > 0)
{
foreach($urls as $key=>$value)
{
$final .= $key . '<br >';
}
}
else
{
echo "No links found at $link";
}
$oldchecksum_text = "INSERT INTO websites (website, hash, text) VALUES ('$website', '$newchecksum', '$final')";
mysqli_set_charset($conn, "utf8");
$final = mysqli_real_escape_string($conn, $final);
echo $final;
$stmt = mysqli_prepare($conn, $oldchecksum_text);
mysqli_stmt_bind_param($stmt, "sss", $website, $newchecksum, $final);
if (mysqli_stmt_execute($stmt)) {
echo "New record created successfully";
} else {
echo "Erreur: <br>" . $conn->error;
}
thanks for your help, i never heard about mysqli_real_escape_stringbefore, but quite interesting. At least i learned something new today :)

Related Links

php push dimensional array
class table inheritance in eloquent orm
Laravel Route get controller's construct without method
Highcharts doesn't show all contents of x-axis
Dynamic table with php pdo and two foreach
PHP color of the first line in a loop
Decrypt Rijndael with Passphrase in PHP
WP-API Get Posts After a Specific Date
How Do i Print last 10 days using php? [closed]
MySQL: Joining table duplicates SUM()
how to manuplate the google api php client
Unable to get cookie in construct function
How to loop through Models find from Where clause?
Trying to keep session with curl login in twitter
Code start and end in specific time
Return total values of each column after using datepicker to select a start and end date

Categories

HOME
flask
extjs
artificial-intelligence
azure-functions
generics
concurrency
tcsh
stacktrace.js
bing-search
jersey-2.0
mirc
flurry
material-components
navigation
impala
sentry
javafx-8
cisco
polymer-2.x
cqrs
game-maker
rangy
freertos
jpa-2.0
parceler
opam
backtracking
kamailio
mime-types
restier
vuforia
mod-wsgi
nurbs
crud
python-imageio
ccavenue
laravel-4.2
docx4j
substance
phpstorm-2016.1
grails-2.5
cordys-opentext
twilio-php
strapi
unification
export-to-pdf
vb.net-to-c#
access-denied
type-inference
daz3d
django-static-precompiler
ilrepack
cordova-ios
spring.net
stateless-session-bean
mobile-angular-ui
nitrousio
gawk
gapi
xcode6.4
dcount
jpda
decoder
wininet
callouts
traversable
raw-sockets
declarative
android-syncadapter
jsr363
ioexception
openshift-cartridge
android-studio-import
gitlab-omnibus
supercomputers
gflags
mgwt
sablecc
android-audiomanager
fiware-bosun
pass-by-value
juttle
cakephp-2.2
box2dweb
communicate
air-native-extension
oxygene
flipboard
frontbase
codahale-metrics
lru
ax
node.js-stream
jquery-lazyload
simplecov
websphere-6.1
telerik-ajax
system-information
struts2-s2hibernate
uipangesturerecognizer
wiktionary
raw-data
mysqli-multi-query
main-method
sqlsitemapprovider

Resources

Mobile Apps Dev
Database Users
javascript
java
csharp
php
android
MS Developer
developer works
python
ios
c
html
jquery
RDBMS discuss
Cloud Virtualization
Database Dev&Adm
javascript
java
csharp
php
python
android
jquery
ruby
ios
html
Mobile App
Mobile App
Mobile App