Logo Questions Linux Laravel Mysql Ubuntu Git Menu
HTML CSS JAVASCRIPT SQL PYTHON PHP BOOTSTRAP JAVA JQUERY R React Kotlin
 

Best way to store articles in a database? (php and sql)

Tags:

sql

database

php

insert

article

I want to store articles in a database, but I cannot seem to find much information on the best way to do this, from what I have read it seems split between most people on how to effectively do this. A lot of people will suggest a way and others will point out sql injection issues, and I cannot seem to find much about this topic that is fairly new.

Here is the html of an article:

    <div id="main">

        <article>

            <header>
                <h3> Title </h3>
                <time pubdate="pubdate"> 2011-07-22 </time>
            </header>

            <p> Article Text </p>

        </article>

    </div>

Ideally I guess it would be best to store the chunk of html making up each article into a database but there seems to be a lot of problems with this, and like I said I can't find many posts over this particular topic, and as someone new to php and databases I want to get some input on the best way to go about this before I proceed.

like image 971
valon Avatar asked Jul 23 '11 01:07

valon

People also ask

How are database articles stored?

The TEXT, BIGTEXT, LONGTEXT and others data types fields were created in order to store large amount of text (64 Kbytes to 4 Gbytes depending of the RDBMS). They just create a binary pointer to locate the text in the database and it is not stored directly in the table.

How do I store media files in SQL?

Store them as external files. Then save the path in a varchar field. Putting large binary blobs into a relational database is generally very inefficient - they only use up space and slow things down as caches are filled are unusable. And there's nothing to be gained - the blobs themselves cannot be searched.

Is it safe to store HTML in database?

Like others have pointed out there's nothing dangerous about storing HTML in the DB. But when you display it you need to know the HTML is safe.

1 Answers

When ever I store a large amount of user text, I just base64 it, then before you display it, make sure to run it through htmlspecialchars, this will keep html from working, so htmlspecialchars(base64_decode($content)) would work fine for displaying.
If you are using bbcode for formatting, then make sure to run htmlspecialchars before you start formatting your bbcode.

This isn't the only way, you can sanitize inputs without base64'ng it, but I see no reason not to, especially when nobody needs to see directly into the database.

like image 141
Ben Avatar answered Sep 27 '22 19:09

Ben
Sign in to Comment

Related questions

Adding additional functionality to a PHP form
Traverse array as tree in php
PHP PDO cannot get OUT parameter value
Problem with mysql LIMIT and PDO
How to send SMS from my website? Only sending SMS is required, not receiving [closed]
How to get IIS6 to recognize pathinfo routes instead of returning "404 Undescribed" error?
filter_var php question
is it necessary to validate $_SERVER['REMOTE_ADDR']?
PHP when writing to file, How to prepend and append text to a file with existing text?
MySQL relationship query
parsing a swf/fla (using php?)
php find where class is instantiated from
Netbeans hotkey to turn off highlighted search text?
CDbConnection error in Yii
How to pass value and run c program in php( web application)
Calling static function from instance
PHP: Condition Format - (6 == $var) or ($var == 6)?
PHP find value in multidimensional / nested array
Algorithm to get all possible string combinations from array up to certain length
How would I call a helper from a helper in Codeigniter?

Donate For Us

If you love us? You can donate to us via Paypal or buy me a coffee so we can maintain and grow! Thank you!