In the after save section of the edit screen I read the fields that were edited and create a new record which stores the identifier for the record that was edited, the field that was edited, and stick these in a separate 'edits table'. This all works as I want it to, provided there are no special characters (e.g. apostrophes) in a text field that is read. Nubuilder's save option obviously takes care of them when updating the primary record, but since I'm creating a new record in the after save section, I need to escape the special characters manually. Looking at mysql as well as the php code for nubuilder, I've come across mysql_real_escape_string() and addEscapes(), but I've not been able to get this to work. Assuming the edited field is customer_name, and customer_id is the edited record, I'm thinking I need to do something like:
Code: Select all
$record_id = '#customer_id#';
$new_id = uniqId(1);
$the_edited_text = mysql_real_escape_string('#customer_name#'');
$query = "INSERT INTO edits SET edit_id = '$new_id', edited_record = '$record_id', edit_text = '$the_edited_text'";
nuRunQuery($query);
$the_edited_text = mysql_real_escape_string('#customer_name#'');
I've also tried reading the edited field from the data base, but run into the same problems if there are special characters in the field. So how do I escape special characters (including the hash character presumably) when reading a field? Or am I making things needlessly complex when there are far easier options to keep track of changes to records?
Thanks,
Dan.