Search Unity

  1. Welcome to the Unity Forums! Please take the time to read our Code of Conduct to familiarize yourself with the forum rules and how to post constructively.
  2. We have updated the language to the Editor Terms based on feedback from our employees and community. Learn more.
    Dismiss Notice
  3. Join us on November 16th, 2023, between 1 pm and 9 pm CET for Ask the Experts Online on Discord and on Unity Discussions.
    Dismiss Notice
New Forum User Notice Update to the Unity Editor Software Terms Unite 2023 - Ask the Experts Online

Escape special characters

Discussion in 'Scripting' started by Keysaw, Oct 29, 2015.

  1. Keysaw

    Keysaw

    Joined:
    Oct 14, 2015
    Posts:
    19
    Hello !

    I have an issue when trying to escape characters to put into a database. For a better understanding, here's basically what I do :
    - I use Facebook API to get some comments on a user facebook pictures, as strings.
    - I use a coroutine to put each comment into a database, using a PHP file on my website.

    BUT my problem is that the comments aren't always in the proper format. For exemple, special characters like " ' " or " & " breaks my url, and then my data don't appears in the database.

    Here the code I used to put the data to the PHP file on my server :
    Code (CSharp):
    1. public IEnumerator UploadData(string id = "", string name = "")
    2.     {
    3.         url = null;
    4.         url = baseUrl + "?id=" + id + "&name=" + name;
    5.         url = System.Uri.EscapeUriString (url);
    6.  
    7.         WWW www = new WWW(url);
    8.         yield return www;
    9.     }
    baseUrl is the address to the PHP file, name is the comment and id is the ID of the user who commented (all of these values are fine when I use Debug.Log).

    Then I use the EscapeUriString method. It works really fine with "spaces" (which becomes "%20"), but not with other characters, and I think this is where my problem is.

    Here's my PHP, just in case it matters :
    Code (CSharp):
    1. require_once 'app_config.php';
    2.  
    3. connect();
    4.  
    5. $id = $_GET['id'];
    6. $name = $_GET['name'];
    7.  
    8. $query = "INSERT INTO comments_table (id, name) VALUES ('" . $id . "', '" . $name . "')";
    9. $result = mysql_query($query) or die('Error ' . mysql_error());
    10.  
    SO, if you know anything to escape every character in the proper format, I would be glad to hear it!

    Thank you very much!

    PS : Just to be a little bit more precise :
    - "Reveil matin manuel ?" ---> WORKS
    - "Tu t'es pas auto-réveillé" ---> DOES NOT WORK
     
    Keysaw, Oct 29, 2015
    #1

  2. lordofduct

    lordofduct

    Joined:
    Oct 3, 2011
    Posts:
    8,380
    What's the url look like after escaped?

    Debug.Log that, see what it says, did it result in what you expect?

    I don't know what you put in for 'baseUrl', 'id', or 'name' to know what you're working with data wise. My putting in reasonable data to EscapeUriString results in what I expect to be an appropriate url.
     
    lordofduct, Oct 29, 2015
    #2

  3. Keysaw

    Keysaw

    Joined:
    Oct 14, 2015
    Posts:
    19
    Alright, here is the url before escaping, and after escaping (the one that I send to the PHP)

    BEFORE : www.mywebsite.com/php/upload.php?id=009988776&name=Jules Freno&message=j'aurais eu de quoi film\u00e9, ca faisait la meme dans la cuisine au bouchon...

    AFTER : www.mywebsite.com/php/upload.php?id=009988776&name=Jules%20Freno&message=j'aurais%20eu%20de%20quoi%20film%5Cu00e9,%20ca%20faisait%20la%20meme%20dans%20la%20cuisine%20au%20bouchon%20...

    And this doesn't appear in the database. I don't know if it's because of the " ' " character which is not escaping, because of the " ... " at the end which are part of the comment, or because something else...

    Also : my " é " characters are properly escaping, but inside the database it becomes " u00e9 ". Do you have an idea of how I can fix that too?
     
    Keysaw, Oct 29, 2015
    #3