2 Replies Latest reply on Jul 2, 2013 1:35 AM by jmw

    Special Character in PHP



      Special Character in PHP

      Your post


           Hi, I've writted a bit of code after googling which basically looks up the database I have for a job number and email address. This works fine, I just need to do a little more formatting on the HTML side of things. The problem I'm having is if you enter a tim* in the email address field then this wil search for every tim in my database. How do I stop the special character's? I've tried a few different approaches but it never seems to work. 
           require_once 'FileMaker.php';
           include 'includes/dbaccess_asset.php';
           echo $output;
           $type = $_GET['SRNumber'];
           $subject = $_GET['Email'];
           $skip = $_GET['skip'];
           if(!isset($skip)) { $skip = 0; }
           $max = 500;
           $searchstring = "SRNumber=$type&Email=$subject";
           $findCommand =& $fm->newFindCommand('Service Reports');
           $findCommand->addFindCriterion('SRNumber','=='.$type. '"');
           $findCommand->addFindCriterion('Email','=='.$subject. '"');
           $findCommand->setRange($skip, $max);
           $result = $findCommand->execute();
           if (FileMaker::isError($result)) {
               echo "Error: " . $result->getMessage() . "\n";
           $records = $result->getRecords();
           $found = $result->getFoundSetCount();
           $prev = $skip - $max;
           $next = $skip + $max;
           if(($skip + $max) > $found) {$next = $skip; }
           <title>Custom Web Publishing</title>
           <meta http-equiv="content-type" content="text/html; charset=UTF-8">
           <table border="1">
           foreach ($records as $record) { ?>
           <td><?php echo $record->getField('SRNumber'); ?></td>
           <td><?php echo $record->getField('Email'); ?></td>
           <td><?php echo $record->getField('Description'); ?></td>
           <td><?php echo $record->getField('Job Status'); ?></td>
           <?php } ?>
           <a href="<?php echo "?skip=$prev&$searchstring"; ?>">Previous</a> | <a href="<?php echo "?skip=$next&$searchstring"; ?>">Next</a>

        • 1. Re: Special Character in PHP
          Jason Wood

               I don't think this is really a php question. If you enter "==jason*" (without quotes) into an FMP field in find mode, you'll find any record where the field starts with jason, even though you have specified exact match with the double equal sign.

               This surprised me as I thought I could always count on the "==" being able to negate any further special characters (otherwise what is the point?). I think you can solve this by putting your find criteria inside double quotation marks after the "=="

               =="jason@email.com" would no longer work if you put a * in it.

               I just figured this out by trial error so I'd like someone else to confirm this behaviour.

          • 2. Re: Special Character in PHP


                 you might want to have a look at PHP's preg_replace fuction (http://www.php.net/manual/en/function.preg-replace.php). It replaces characters in a string based on a 'regular expression'. These are not particularly easy to grasp but are well worth the time spent on google (PHP's documention is less suitable for starters on the subject...).

                 You can filter all the non-alphanumerical character in a string using f.e.:

                  $subject = preg_replace("/[^a-zA-Z0-9\s]/", "#",  $_GET['Email'] );

                 What happens here is that the Email string has all it's non-alphanumerical characters replaced by a '#'. The way to read the first string in preg_replace is that the string in between '/[' and ']/' is a pattern. Here it concists of five parts: a '^' meaning 'not in', then four sets of allowed characters being 'a-z', 'A-Z', '0-9' and a whitespace (the '\s'). So anything not being in these four sets will be replaced by '#' (for clarity here, you can also use an empty string of course).

                 There is a lot going on with 'regular expressions' and it is a powerful concept. F.e. another variant of our expression is '/[^a-z0-9\s]/i' where the 'A-Z' hes been removed and a 'i' is added as expression option; standing for case-insensitive. Google is your friend.