Home/ Questions/Q 7500753
In Process

The Archive Base Latest Questions

Editorial Team
  • 0
Asked: 2026-05-29T20:17:28+00:00

Ok, so here’s my problem (which I’ve googled and no help): I have a

  • 0

Ok, so here’s my problem (which I’ve googled and no help):

I have a form which has the textarea element, and in it I want to write something like:

<table><tr><td>123</td></tr></table>

and click submit and i want it to be saved in database.

Now, my code is working if I enter nonHTML characters, but if I enter as above I get:

Forbidden

You don't have permission to access /xxx/sample_posteddata.php on this server.

Additionally, a 404 Not Found error was encountered while trying to use an ErrorDocument to handle the request.

My guess is that somehow my hosting has some security enbaled to disallow this?

I’ve tried to insert the exact text from the php admin interface and that works fine 😕

EDIT: full source code of the file podaciEdit.php:

<?
            require_once("_dal/CredentialsManager.php");
            require_once("_dal/ProizvodRepository.php");
            $repos = new ProizvodRepository();

            if ( isset( $_POST["spremi"] ) ){
                $sifra = $_POST["sifra"];
                $naziv = $_POST["naziv"];                        
                $slika = $_POST["slika"];                   
                $podaci_full = htmlspecialchars($_POST["podaci_full"]);

                $podaci_min = $_POST["podaci_min"];
                $kategorija = $_POST["kategorija"];
                $kategorija_naziv = $_POST["kategorija_naziv"];

                if ($repos->updateProizvod ($sifra, $naziv, $slika, $podaci_full, $podaci_min, $kategorija, $kategorija_naziv))
                    echo "Podaci uspješno spremljeni!";
                else{
                    echo "Greška prilikom spremanja podataka!";                                             
                }

                echo '<br/>Kliknite <a href="proizvodiEdit.php">ovdje</a> za povratak.';
            }
            else if ( isset( $_GET["sifra"] ) ){
                $sifra = $_GET["sifra"];
                $proizvod = $repos->GetProizvod($sifra);

                if ($proizvod){                        
                    $sifra = $proizvod["sifra"];
                    $naziv = $proizvod["naziv"];                        
                    $slika = $proizvod["slika"];                        
                    $podaci_full = $proizvod["podaci_full"];

                    $podaci_min = $proizvod["podaci_min"];
                    $kategorija = $proizvod["kategorija"];
                    $kategorija_naziv = $proizvod["kategorija_naziv"];



                    //$data = htmlentities($podaci_full, ENT_QUOTES, "UTF-8");
                    echo <<<qq
                    <form id="proizvodEdit" method="POST" action="proizvodEdit.php">

                                            Podaci - tablica: (mozes resizeati po potrebi!)<br/>
                    <textarea class="podaci_full" id="podaci_full" name="podaci_full">{$podaci_full}</textarea>
                    <input type="submit" value="Spremi sve" name="spremi"/>
                    </form>

qq;
                }
                else
                    echo '<h2 class="title-page">Proizvod koji tražite ne postoji.</h2>';

            }
            else{
                echo '<h2 class="title-page">Proizvod koji tražite ne postoji.</h2>';
            }
Share

Leave an answer

You must login to add an answer.

Need An Account,

1 Answer

  1. Editorial Team

    Actually, the thing that helped resolve the issue was function stripslashes.

    $podaci_full = stripslashes($_POST["podaci_full"]);
    • 0