0

I am fetching some contents from Google Feeds API using JavaScript API and trying to insert them into a SQLite database in a Phonegap app.

But I get so many syntax errors due to non escaped and special characters in the fetched content string. Because the content string has HTML codes and their attributes and their values within quotes.

Can anybody help me with a solution to get this task done? Can somebody suggest me ways to perform the PHP functions like addslashes, htmlentities, htmlspecialchars? Let me know a proper way to do this insertion. Only JS.

Eg: The inserting variable "content" is a string with <div id="test" style="color:#000;">I'm tall and I'm "26" now.</div> and it needs to be inserted to a column, the html content without any error.

var content = <div id="test" style="color:#000;">I'm tall and I'm "26" now.</div>
tx.executeSql("INSERT INTO MyTable(id, Content) VALUES ('1',content)");

The variable "content" has single and double quotes and further it can contain many special characters. So the content variable must be formatted before inserting to DB.

Improve this question

3 Answers 3

Reset to default
1

To use arbitrary string values in SQL statements, use parameters:

var content = "!'§$%&/()=?+*~#|<...";
...
tx.executeSql("INSERT INTO MyTable(ID, Name, Content) VALUES(?,?,?)",
              [123, "Some Name", content]);
Improve this answer
Sign up to request clarification or add additional context in comments.

Comments

0

I think I have found the answer to format js string before adding to db in http://phpjs.org/functions/htmlentities/

Improve this answer

Comments

0

May be below code help you out.

var db = window.sqlitePlugin.openDatabase("Databases", "1.0", "XYZ", 1000000);  

db.transaction(function(tx) {
   var content = $("#test").html();

   tx.executeSql("INSERT INTO MyTable (id, Content) VALUES(?,?)",['1',content], querySuccess, errorCB);         
}, errorCB);


<body>
   <div id="test" style="color:#000;">I'm tall and I'm "26" now.</div>
</body>
Improve this answer

Comments

Your Answer

By clicking “Post Your Answer”, you agree to our terms of service and acknowledge you have read our privacy policy.

Start asking to get answers

Find the answer to your question by asking.

Ask question

Explore related questions

See similar questions with these tags.