I have got a table 'famille'
CREATE TABLE famille (
idf INTEGER(6) NOT NULL ,
>>>>>> nomf VARCHAR(40) NOT NULL,
CONSTRAINT pk_famille
PRIMARY KEY (idf),
>>>>>> CONSTRAINT un_famille_nomf
>>>>>> UNIQUE (nomf)
)ENGINE = InnoDB, DEFAULT CHARACTER SET utf8; <<<<<<<<<
When adding a new 'famille', i have to check constraints : the unique constraint refer to a text field.
Examples :
idf nomf
100 Actinidiacées
110 Aizoaceae
120 Amaranthacées
130 Amaryllidacées (Liliacées)
140 Apiacées (Ombellifères)
...
I use asynchronous query Javascript/Php to check values in a form that enable to add a new 'famille' and that the value of the field 'fnom' in the form already exists in the table : when le input field is not accentuated, it works, but when there are accentuated characters, it does not work : the form is submit and I get a normal SQL error.
Form simplified :
<html><head>
<meta http-equiv="Content-type" content="text/html; charset=utf-8" />
<meta charset="utf-8" /> <<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<
<title>Gestion - Administration du site</title>
...
<link rel='stylesheet' href='main.css' type='Text/css'>
<script src="js/checkfamille.js?dev=1574345195"></script>
</head>
<body><h2 class='entete'>Les familles</h2>
...
<form name='frmNewfamille' id='frmNewfamille' method='post' ><fieldset id='fs1'><legend><b>Informations</b></legend><div class='ligne'><span class='label'><label for='fidf'>Identifiant</label></span><span class='champs'>
<input type='number' size='6' minlength='6' maxlength='6' name='fidf' id='fidf' required value='' /></span>
</div><div class='ligne'><span class='label'><label for='fnomf'>Intitulé</label></span><span class='champs'>
<input type='text' size='40' minlength='40' maxlength='40' name='fnomf' id='fnomf' required value='' /></span></div></fieldset><fieldset>
<input type="hidden" id="valide" name="valide" hidden />
<input class='bouton' type='button' name='btnNewAfamille' id='btnNewAfamille' value='Ajouter'
onclick='return checkfamille();' />
>>>>>>>>>>>>>>>>>>>^^^^^^^^^^^
</fieldset>
</form>
...
Javascript :
function checkfamille()
{
var idf = document.forms["frmNewfamille"]["fidf"];
var nomf = document.forms["frmNewfamille"]["fnomf"];
// somme checks
...
// ajax call
...
return checkFamilleAjax('code.php?idf='+escape(idf.value)
+'&nomf='+escape(nomf.value) <<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<
+'&mode=insert');
...
function checkFamilleAjax(fichier, nom)
{
var xhr_object;
if(window.XMLHttpRequest) // FIREFOX
xhr_object = new XMLHttpRequest();
else if(window.ActiveXObject) // IE
xhr_object = new ActiveXObject("Microsoft.XMLHTTP");
else
return(false);
xhr_object.onreadystatechange = function() {
if (xhr_object.readyState == 4 && (xhr_object.status == 200 || xhr_object.status == 0)) {
var reponse = (xhr_object.responseText).replace(/\s/g, "");
if(reponse=="0") {
document.getElementById("valide").value = "true";
document.forms["frmNewfamille"].submit();
return true;
} else if(reponse=="1") {
// set error fields on the form
....
}
}
xhr_object.open("GET", fichier, true);
xhr_object.send(null);
}
PHP code :
<?php session_start();
// includes
...
$database = new Database();
$famille = new Famille($database);
try {
if ($mode == 'insert') {
if (isset($_GET["idf"]) && isset($_GET["nomf"])) {
// checks if number already exists
$database->query('SELECT idf FROM famille WHERE idf = :id;');
$database->bind(':id', $_GET["idf"]);
if ($result = $database->execute()) {
if ($database->rowCount() >0) {
echo "1"; exit;
}
} else {
echo "7 ". $database->getError(); exit;
}
// checks if name already exists
$database->query('SELECT idf FROM famille WHERE nomf = :lname;');
$database->bind(':lname', $_GET["nomf"]);
if ($result = $database->execute()) {
if ($database->rowCount() > 0) {
echo "2"; exit;
}
} else {
echo "8 ". $database->getError(); exit;
}
echo "0"; exit;
} else {
echo "9"; exit;
}
...
Here is the value of $_POST from my form :
Array ( [fidf] => 3214 [fnomf] => Rosacées [valide] => true )
and here is the query error :
Erreur SQLSTATE[23000]: Integrity constraint violation: 1062 Duplicate
entry 'Rosacées' for key 'un_famille_nomf'
I have checked
- all sources files : utf8 OK
- the database data
- php/mysql connexion parameters and code :
define("DB_HOST", "localhost");
define("DB_USER", "xxxx");
define("DB_PASS", "xxxx");
define("DB_NAME", "xxxx");
define("DB_CHARSET", "utf8");
and a database class :
class Database
{
private $host = DB_HOST;
private $user = DB_USER;
private $pass = DB_PASS;
private $dbname = DB_NAME;
private $charset = DB_CHARSET;
private $dbh;
private $error;
private $stmt;
public function __construct(){
$dsn = 'mysql:host=' . $this->host . ';dbname=' . $this->dbname. ';charset=' . $this->charset;
// Options
$options = array(
PDO::ATTR_PERSISTENT => true,
PDO::ATTR_ERRMODE => PDO::ERRMODE_EXCEPTION ,
PDO::MYSQL_ATTR_INIT_COMMAND => "SET NAMES 'utf8'"
);
try{
$this->dbh = new PDO($dsn, $this->user, $this->pass, $options);
$this->dbh->exec("SET NAMES utf8;");
}
catch(PDOException $e){
$this->error = $e->getMessage();
}
}
...
May be I miss something ?
Thanks for help.
****EDIT****
Just after writing this message, I wonder if it does not come from escape(nomf.value) in the call of PHP asynchronous php code... I remove 'escape' and that works !!!
return checkFamilleAjax('code.php?idf='+idf.value
+'&nomf='+nomf.value
+'&mode=insert');
Javascript 'escape' change characters (accuentuated for example) to hexadecimal value : (from https://developer.mozilla.org/en-US/docs/Web/JavaScript/Reference/Global_Objects/escape * change * from french to english reference)
escape("abc123"); // "abc123"
escape("äöü"); // "%E4%F6%FC"
escape("ć"); // "%u0107"
This function is obsolete and 'encodeURI' ou 'encodeURIComponent' should be use when necessary.
Related
I've replicated a graph script from one Wordpress installation to another
It operates using graph_nat and defs.php - Defs stores the DB details
I have not altered the script after migrating but now I'm getting JSON error
I've checked to ensure after object it's true
I'm struggling to figure out the bug, error reporting doesn't include the JSON error only false positives for PHP
<?php
include ('../wp-load.php');
include ('defs.php');
// we need this so that PHP does not complain about deprectaed functions
error_reporting( 0 );
// Connect to MySQL
// constants stored in defs.php
$db = mysqli_connect("localhost", DB_NAT_USER, DB_NAT_PASS, DB_NAT_NAME);
// get user id
$current_user = wp_get_current_user();
$current_user_id = $current_user->ID;
if ( $current_user_id == null || $current_user_id == 0) {
$message = 'User not authorized';
die( $message );
}
if ( !$db ) {
die( 'Could not connect to database' );
}
if (!isset($_GET['id'])) {
$message = 'Missing ID url parameter';
die( $message );
}
$id = $_GET['id'];
$practitionerId = $current_user_id;
$query = "SELECT results FROM submissions WHERE ID = ? AND practitionerId = ?";
$result = [];
if ($stmt = $db->prepare($query)) {
$stmt->bind_param('ss', $id, $practitionerId);
$stmt->execute();
$stmt->bind_result($results);
if ($stmt->fetch()) {
$result = $results;
}
$stmt->close();
}
// decode json from database
$json = json_decode($result, true);
$outputArray = [];
$healthIndex = 100;
if ($json) {
foreach($json as $key=>$val) {
$healthEvents = explode(", ", $val);
// filter out empty strings
$healthEventsFiltered = array_filter($healthEvents, function($value) {
if ($value == '') {
return false;
}
return true;
});
// points to decrease per event
$healthDecrease = (count($healthEventsFiltered))*2;
$healthIndex -= $healthDecrease;
if ($healthIndex<0) {
$healthIndex = 0;
}
// implode array to get description string
$arrayString = implode(",<br>", $healthEventsFiltered);
// age groups
$ageGroup = $key*5;
$ar = array("category" => "Age: " . $ageGroup, "column-1" => $healthIndex, "events" => $arrayString);
array_push($outputArray, $ar);
}
echo json_encode($outputArray, true);
} else {
$message = 'Could not decode JSON: ' . $result;
die( $message );
}
// Close the connection
mysqli_close( $db );
?>
Figured it out, I wasn't passing USER ID in url. It was undefined. I should go back to school
I´m always getting "Invalid request" because of the "POST variables were not sent to this page". I already chech the javascript on the console and it was fine. And i read eveithing about this problem, maybe the problem is not the code. Can somebody please help me?
This is my index.php (login page)
<?php
include_once 'db_connect.php';
include_once 'functions.php';
sec_session_start();
if (login_check($mysqli) == true) {
$logged = 'in';
} else {
$logged = 'out';
}
?>
<!DOCTYPE html>
<html>
<head>
<title>Secure Login: Log In</title>
<link rel="stylesheet" href="styles/main.css" />
<script type="text/JavaScript" src="js/sha512.js"></script>
<script type="text/JavaScript" src="js/forms.js"></script>
</head>
<body>
<?php
if (isset($_GET['error'])) {
echo '<p class="error">Error Logging In!</p>';
}
?>
<form action="process_login.php" method="POST" name="login_form">
Email: <input type="text" name="email" />
Password: <input type="password"
name="password"
id="password"/>
<input type="button"
value="Login"
onclick="formhash(this.form,this.form.password);"
/>
</form>
<?php
if (login_check($mysqli) == true) {
echo '<p>Currently logged ' . $logged . ' as ' .
htmlentities($_SESSION['username']) . '.</p>';
echo '<p>Do you want to change user? Log out.</p>';
} else {
echo '<p>Currently logged ' . $logged . '.</p>';
echo "<p>If you don't have a login, please <a
href='register.php'>register</a></p>";
}
?>
</body>
</html>
And this is my login_process:
<?php
include_once 'db_connect.php';
include_once 'functions.php';
sec_session_start(); // Our custom secure way of starting a PHP session.
if (isset($_POST['email'], $_POST['p'])) {
$email = $_POST['email'];
$password = $_POST['p']; // The hashed password.
if (login($email, $password, $mysqli) == true) {
// Login success
header('Location: protected_page.php');
} else {
// Login failed
header('Location: ../index.php?error=1');
}
} else {
// The correct POST variables were not sent to this page.
echo 'invalid Request';
}
And the form that seems to be working:
function formhash(form, password) {
// Create a new element input, this will be our hashed password field.
var p = document.createElement("input");
// Add the new element to our form.
document.body.appendChild(p);
p.name = "p";
p.type = "hidden";
p.value = hex_sha512(password.value);
// Make sure the plaintext password doesn't get sent.
password.value = "";
// Finally submit the form.
form.submit();
}
And the functions:
function login($email, $password, $mysqli) {
// Using prepared statements means that SQL injection is not possible.
if ($stmt = $mysqli->prepare("SELECT id, username, password
FROM users
WHERE email = ?
LIMIT 1")) {
$stmt->bind_param('s', $email); // Bind "$email" to parameter.
$stmt->execute(); // Execute the prepared query.
$stmt->store_result();
// get variables from result.
$stmt->bind_result($user_id, $username, $db_password);
$stmt->fetch();
if ($stmt->num_rows == 1) {
// If the user exists we check if the account is locked
// from too many login attempts
if (checkbrute($user_id, $mysqli) == true) {
// Account is locked
// Send an email to user saying their account is locked
return false;
} else {
// Check if the password in the database matches
// the password the user submitted. We are using
// the password_verify function to avoid timing attacks.
if (password_verify($password, $db_password)) {
// Password is correct!
// Get the user-agent string of the user.
$user_browser = $_SERVER['HTTP_USER_AGENT'];
// XSS protection as we might print this value
$user_id = preg_replace("/[^0-9]+/", "", $user_id);
$_SESSION['user_id'] = $user_id;
// XSS protection as we might print this value
$username = preg_replace("/[^a-zA-Z0-9_\-]+/",
"",
$username);
$_SESSION['username'] = $username;
$_SESSION['login_string'] = hash('sha512',
$db_password . $user_browser);
// Login successful.
return true;
} else {
// Password is not correct
// We record this attempt in the database
$now = time();
$mysqli->query("INSERT INTO login_attempts(user_id, time)
VALUES ('$user_id', '$now')");
return false;
}
}
} else {
// No user exists.
return false;
}
}
}
Thank you for your time.
I'm Trying to insert the HTML Form data using PHP with the help of Ajax,
I write the code for that is as follow
html code:
<!DOCTYPE HTML>
<html lang="en">
<head><title>Ajax Test</title>
<meta charset="utf-8" name="viewport" content="width=device-width initial-scale=1.0">
<script>
function exec(){
var name=document.getElementById("name").value;
var uname=document.getElementById("uname").value;
var xtr=new XMLHttpRequest();
xtr.onreadystatechange=function(){
if(xtr.readyState==4 && xtr.status==4){
document.getElementById("p_res").innerHTML=xtr.responseText;
}
};
xtr.open("GET","insert.php?name="+name+"&uname="+uname,true);
xtr.send(null);
}
</script>
</head>
<body>
<form>
Name : <input type="name" id="name"><br>
Username : <input type="uname" id="uname"><br>
<button type="button" onclick="exec()">Submit</button>
</form>
<div id="p_res"></div>
</body>
</html>
and the respective php page is it.. it return some value but the Ajax code does not print then at specified location which has been assigned for that code.. what should I do to resolve this fault..
<?php
class insert
{
/**
* insert constructor.
* #param $name
* #param $uname
*/
function __construct($name, $uname)
{
$conn = pg_connect("host=localhost dbname=test user=postgres password=password");
if (!$conn) {
return "Error, Could not connect!";
}
$query = "INSERT into test(uname,name) VALUES ('$uname','$name')";
$res = pg_query($conn, $query) or die("Can not exec Query...");
return (<<<ret
Data Inserted Successfully...
ret
);
}
}
/** #var TYPE_NAME $obj_test */
$obj_test=new insert($_GET['name'],$_GET['uname']);
?>
Please Support me guys because I'm new for ajax, I do not have any great idea about the ajax...
Thanks guys....
Rather than trying to return a value from the constructor, use another function for that purpose perhaps as below.
class insert{
/**
* insert constructor.
* #param $name
* #param $uname
*/
private $res;
function __construct($name, $uname)
{
$conn = pg_connect("host=localhost dbname=test user=postgres password=password");
if (!$conn) {
return "Error, Could not connect!";
}
$query = "INSERT into test(uname,name) VALUES ('$uname','$name')";
$this->res = pg_query($conn, $query) or die("Can not exec Query...");
}
public function showsuccess(){
echo $this->res ? 'Data Inserted Successfully...' : 'Error inserting data';
}
}
$obj_test=new insert($_GET['name'],$_GET['uname']);
$obj_test->showsuccess();
$obj_test=null;
There are few problems in your code. First of all, the constructor method doesn't return anything. So instead of return use echo, like this:
<?php
class insert
{
function __construct($name, $uname)
{
$conn = pg_connect("host=localhost dbname=test user=postgres password=password");
if (!$conn) {
echo "Error, Could not connect!";
}
$query = "INSERT into test(uname,name) VALUES ('$uname','$name')";
$res = pg_query($conn, $query) or die("Can not exec Query...");
if($res){
echo "Data Inserted Successfully";
}else{
echo "Data could not be inserted";
}
}
}
$obj_test=new insert($_GET['name'],$_GET['uname']);
?>
And second, look at your onreadystatechange event:
xtr.onreadystatechange=function(){
^ you are not catching the response text
if(xtr.readyState==4 && xtr.status==4){
^ status should be 200
document.getElementById("p_res").innerHTML=xtr.responseText;
}
};
So your exec() function should be like this:
function exec(){
var name=document.getElementById("name").value;
var uname=document.getElementById("uname").value;
var xtr=new XMLHttpRequest();
xtr.onreadystatechange=function(responseText){
if(xtr.readyState==4 && xtr.status==200){
document.getElementById("p_res").innerHTML=xtr.responseText;
}
};
xtr.open("GET","insert.php?name="+name+"&uname="+uname,true);
xtr.send(null);
}
i'm making an online barcode scanner application and having some issues with sending a javascript variable to php for my query , and getting it back in my html file with the data.
User scans barcode (studentNr)
studentnr --> variable is going to be posted to the php file.
in php file : query to compare with variable
result of query --> back to the parameter of function(data)
print result.
Sounds easy, but how do I do this correctly?
Index.html :
<head>
<meta charset="utf-8" />
<!-- Set the viewport width to device width for mobile -->
<meta name="viewport" content="width=device-width" />
<script src="javascripts/jquery.js"></script>
</head>
<body>
<div>
<input type="text" name="barcode" id="barcode"> // BARCODE SCAN
<input type="text" id="student" placeholder="studentenNaam" size="30"> //NAME FROM DB
<!-- <input type="text" id="barcode" placeholder="Waiting for barcode scan..." size="40">
<input type="text" id="student" placeholder="studentenNaam" size="30">-->
</div>
// just the script for scanning the barcode :
<script>
var barcodeParsed = null;
var studentenNr = null;
$(document).ready(function() {
var pressed = false;
var chars = [];
$(window).keypress(function(e) {
if (e.which >= 48 && e.which <= 57) {
chars.push(String.fromCharCode(e.which));
}
console.log(e.which + ":" + chars.join("|"));
if (pressed == false) {
setTimeout(function(){
if (chars.length >= 10) {
var barcode = chars.join("");
console.log("Barcode Scanned: " + barcode);
barcodeParsed = barcode;
var barcodeParsing = barcodeParsed.substring(5,11);
$("#barcode").val("s" + barcodeParsing);
studentenNr = "s" + barcodeParsing;
}
chars = [];
pressed = false;
},500);
}
pressed = true;
});
});
$("#barcode").keypress(function(e){
if ( e.which === 13 ) {
console.log("Prevent form submit.");
$.post('testdb.php', {'studnr' :studentenNr}, function(data){ //POST JS VAR TO PHP FILE
$('#student').html(data); //RECEIVE DATA FROM DB INTO ID ELEMENT
});
e.preventDefault();
}
});
</script>
</body>
And in my testdb.php file it looks like this :
<?PHP
$studnr = htmlspecialchars($_POST['studnr']);
if(isset($studnr)){
$user_name = "root";
$password = "";
$database = "Student";
$hostname = "127.0.0.1";
$db_handle = mysql_connect($hostname, $user_name, $password);
$db_found = mysql_select_db($database, $db_handle);
if ($db_found) {
$SQL = "SELECT * FROM student where studentenNr= '$studnr'";
$result = mysql_query($SQL);
while ( $db_field = mysql_fetch_assoc($result) ) {
/* Here needs the data to fetch*/
print $db_field['naam'] . "<BR>";
print $db_field['studentenNr'] . "<BR>";
print $db_field['voornaam'] . "<BR>";
}
mysql_close($db_handle);
}
else {
print "Database NOT Found ";
mysql_close($db_handle);
}
}
The problem is i can't receive any data from my html file in to my php file, plus i don't know how i can put the received data back in to my html file.
in the php-file..How do I write it back to the html ?
Do I need to use Ajax,Jquery,..
Any other solutions ?
Thank you for helping me out !
UPDATE
when adding this between the if(db_found) brackets I get an Internal Server Error 500.
$sql = $db->prepare("select*from student where studentenNr= '$studnr' ");
$sql->execute($arraytest = array(':studnr' => studentenNr,naam );)
$sql->execute(array(":studentenNr" => $studnr));
$data = $sql->fetchAll();
foreach($item as $data){
print($item["naam"]);
log($item["naam"]);
On your javascript you're sending studnr parameter:
$.post('testdb.php', {'studnr' :studentenNr}, function(data){
In your php script you trying to get the value from studentenNr parameter:
$studnr = htmlspecialchars($_POST['studentenNr']);
You need to cahnge your script to
$studnr = htmlspecialchars($_POST['studnr']);
Edit:
You're getting internal error because of this line:
$sql = $db->prepare("select*from student where studentenNr= '$studnr' ");
You need to prepare the SQL statement with the parameters and then bind them, so the line should be (something like):
$sql = $db->prepare("select * from student where studentenNr= :studnr");
$sql->execute(array(':studnr' => $studnr ));
Apparently my POST requests are being cancelled?
http://puu.sh/d73LC/c6062c8c07.png
and also, mysqli_result object has all null values when i query the database with a select query:
object(mysqli_result)[2]
public 'current_field' => null
public 'field_count' => null
public 'lengths' => null
public 'num_rows' => null
public 'type' => null
here is my php file:
<?php
$servername = "localhost";
$username = "root";
$password = "root";
$dbname = "uoitlol";
$name = "test1"; //this should be $_POST['name']; test1 is just to test if it works.
$err = false;
// Create connection
$conn = new mysqli($servername, $username, $password, $dbname);
if ($conn->connect_errno > 0) {
echo 'connerr';
die();
}
$sql = "INSERT INTO summoners (name) VALUES (?)";
$getname = "SELECT name FROM summoners";
$result = $conn->query($getname);
while ($row = $result->fetch_assoc()) {
echo 'name : ' . $row['name'];
if ($row['name'] === $name) {
echo 'error, name exists';
$err = true;
}
}
$stmt = $conn->prepare($sql);
$stmt->bind_param('s', $name);
if ($err === false) {
if (!$stmt->execute()) {
echo 'sqlerr';
} else {
echo 'success';
}
}
$stmt->close();
mysqli_close($conn);
here is my javascript file, which calls the php file with ajax whenever i click submit on my form (in a different html file)
$(document).ready(function () {
$("#modalClose").click(function () {
document.getElementById("signupInfo").className = "";
document.getElementById("signupInfo").innerHTML = "";
});
$("#formSubmit").click(function () {
var name = $("#name").val();
// Returns successful data submission message when the entered information is stored in database.
var dataString = {'name' :name};
if (name === '')
{
document.getElementById("signupInfo").className = "alert alert-danger";
document.getElementById("signupInfo").innerHTML = "<b>Please enter a summoner name!</b>";
}
else
{
// AJAX Code To Submit Form.
$.ajax({
type: "POST",
url: "submitName.php",
data: dataString,
cache: false,
success: function (msg) {
if (msg === 'error'){
document.getElementById("signupInfo").className = "alert alert-danger";
document.getElementById("signupInfo").innerHTML = "<b>That summoner name is already in the database!</b>";
} else if (msg === 'sqlerror'){
document.getElementById("signupInfo").className = "alert alert-danger";
document.getElementById("signupInfo").innerHTML = "<b>SQL error, contact the administrator.</b>";
} else if (msg === 'success'){
document.getElementById("signupInfo").className = "alert alert-success";
document.getElementById("signupInfo").innerHTML = "<b>Summoner successfully added!</b>";
}
}
});
}
return false;
});
});
I'm getting these errors everytime I click my button that submits my form:
Failed to load resource: Unexpected end of file from server (19:41:35:538 | error, network)
at public_html/submitName.php
Failed to load resource: Unexpected end of file from server (19:41:35:723 | error, network)
at public_html/submitName.php
Failed to load resource: Unexpected end of file from server (19:41:36:062 | error, network)
at public_html/submitName.php
I'm using Netbeans IDE, if that matters.
puu.sh/d6YXP/05b5f3dc06.png - screenshot of the IDE, with the output log errors.
Remove this from your submitName.php, unless there really is HTML in it.
<!DOCTYPE html>
If there is HTML in it, do this instead.
<?php
//your PHP code//
?>
<!DOCTYPE html>
//your HTML here//
</html>
Also, if submitName.php contains no HTML, make sure there is no blank line after ?> at the bottom.
EDIT: In regards to your query failing, try this code.
if (!empty($name) { //verify the form value was received before running query//
$getname = "SELECT name FROM summoners WHERE name = $name";
$result = $conn->query($getname);
$count = $getname->num_rows; //verify a record was selected//
if ($count != 0) {
while ($row = $result->fetch_assoc()) {
echo 'name : ' . $row['name'];
if ($row['name'] === $name) {
echo 'error, name exists';
$err = true;
}
}
} else {
echo "no record found for name";
exit;
}
}
Drop the ?> at the end of the php file and instead of using var dataString = 'name=' + name; use this instead:
var data = { "name" : name};
jQuery will automagically do the dirty stuff for you so that you don't have to special text-escape it and stuff.
That's as far as I can help without any log files and just a quick skim of your code.