PHP and passing variables

Hello ppl, I'm kind of new to PHP and I've run into a problem with my slashes.

I have a script (newarticle.php) which accepts input for 5 values, then passes those values to itself, prints the contents and asks for confirmation, then calls itself again with those variables and inserts the new values into a MySQL database 'furycms'.

My problem lies with passing the variables across the last time. The piece of code that is being a problem in particular is this form, where I dump the variables as hidden form values so the user can confirm the values and either pass them along or cancel.


echo "<form action=\"$PHP_SELF\" method=\"post\">\n";
printf("<input type=\"hidden\" name=\"category\" value=\"%s\">", $category);
printf("<input type=\"hidden\" name=\"type\" value=\"%s\">", $type);
printf("<input type=\"hidden\" name=\"title\" value=\"%s\">", $title);
printf("<input type=\"hidden\" name=\"description\" value=\"%s\">", $description);
printf("<input type=\"hidden\" name=\"filename\" value=\"%s\">", $filename);
?>
<input type="hidden" name="confirmed" value="yes">
<input type="submit" name="submit" value="Add article to database">
</form>

<form action="newarticle.php" method="post">
<input type="submit" name="submit" value="Cancel">
</form>


The problem is, anytime I put a value into the printf() function I lose everythign in quotes. I have tried every combo of stripslashes()/addslashes() but I think it's just a problem with the method itself.

Would it be best to implement a session to get this done? How would you approach this, maybe by making new values equal to the ones passed along, or if I simply create a session will form-submitted values be persistent?

Thank you in advance, I hope this made sense :rolleyes:

Though there are cleaner solutions to this problem, a quicker fix would be utilizing a combination of urlencode() and urldecode().

Just what I needed. Works fine using urlencode()/urldecode(). Hrm... not exactly clean though, like you mentioned. How do you handle your form data? What would be a cleaner solution, sessions?

Thanks a ton Grizzly :D

Cool, I'm glad it worked out for you. I've used a similar method myself to make a simple PHP mailer, where you had to confirm your message before you sent it. But yeah, it's a quick & dirty approach. 2 cleaner approachs might be:

1) Store the data into session. (clean & simple)
2) Store the data into a database, some table you could call "session_data" or whatever you would like, and save / retrieve information from that. That might offer you a little more control over things than simple session management. (not as clean, a little more complex too)

I'll probably work on managing a session for the data, rather than creating another database just for some temporary variables that are being inserted into their own database. If my server were a little faster I would probably fool around with the idea, it would be a little more manageable and robust once designed, but for now I'll stick with simple :)

That actually gives me a few ideas for my forums, I had designed a relatively functional forum package in Perl (all flat-text files though), and I'm hoping to convert all of it over to PHP and move to a MySQL database. I think it may prove to be more manageable using a database to control session vars... rgghh okay I'm getting ahead of myself, those are questions for another day!

Thanks Grizzly!