next »

[KaptainKrayola]

So, the Kaptain here has been running into issues with inserting big blocks of syndicated text into his DB where sometimes it will just fail with some kind of goofy error saying there is an issue with the syntax of my query (which there totally isn't cause my queries are teh win).  So, I'm wondering what the best method(s) for escaping and making big blocks of text mySQL friendly for insertion into the table.

Discuss in 3, 2, 1...GO!

[lamontagne]

Load data infile or properly escaped batch inserts. That being said I find it easier to store huge chunks of text in a file and store the path plus only what is needed in the db

[perkiset]

Am I missing it here? $newbuff = mysql_escape_string($oldBuff); ...?

you've probably got some double or single quotes in it.

[nutballs]

I will again recommend my old standby.

base64 encode it
OR
hex encode it

Although there are function out there built into assorted languages that are supposedly able to escape any mess of shit you throw at it, I have found them all to be PHAIL. I gave up eons ago, though I keep trying them out.

hex or b64 are ZERO danger to your database, no matter what.

[KaptainKrayola]

Am I missing it here? $newbuff = mysql_escape_string($oldBuff); ...?

you've probably got some double or single quotes in it.

been there, done that - still had issues.  I had thought that was the way to go but still run into the odd insert that fails.  Tried a variety of other things as well but still can't get it to 100% success rate so i thought i may be missing something.

@nuts - clever idea with hex or base64 i may have to give that a whirl.

[nutballs]

between smart slashes smart quotes smart smartyness and all that escape shit, and it being different on every damn system, Im surprised mysql ever works with text being inserted.

I think another option would be binary, but I never have bothered to try it.

[oldenstylehats]

I will again recommend my old standby.

base64 encode it
OR
hex encode it

Although there are function out there built into assorted languages that are supposedly able to escape any mess of shit you throw at it, I have found them all to be PHAIL. I gave up eons ago, though I keep trying them out.

hex or b64 are ZERO danger to your database, no matter what.

Thank you. I'd never thought of that before. Great idea.

[nutballs]

Its a 
for most folks when they hear it.

the hard part is remembering to do it... lol
I always forget.

downside is searchability. You cant really do LIKE queries or FULLTEXT. But generally speaking, it would only be used for BIGASSTEXT or dirty text. Shorter text tends to have less probability of some magic quote combo that breaks the escape functions.

[perkiset]

It's for that very reason that, although I like the concept, I don't like it for pure text content.

Kaptain have you thought about doing a straight removal of all non-ascii chars, then dump backslashes, then escape it? That should just about do it. If that doesn't, PM me a SQL that fails. I think it's simpler than this.

[arms]

i know i have had headaches from character encoding problems when pulling shit from the web.
documents are not always using the character set they claim to be.
at least make sure the columns you are inserting into are utf and not latin.

[KaptainKrayola]

thanks for the suggestions all - i'm going to hammer on it some and see if there is anything i have missed.

 

[herbacious]

prepared statements any use?