Basically, I have an administration area where users are to be able to add information to a MySQL database using a form textarea. The users have little or no HTML knowledge so I'd like them to be able to use their return key to create line breaks instead of <br />
tags, however I also want the use of HTML to be permitted too for future purposes. I also won't want <br />
tags to appear in the textarea after insertion and would like line breaks instead so as not to confuse people - basically display it in the textarea exactly as it was entered.
I've been having difficulty parsing the data though, I've come up with a solution to prevent the line breaks from being stripped but I just really want to know if this is valid - it works, but if I've learned anything recently I know that doesn't mean it's right!
$extra_details_escape = mysql_real_escape_string($_POST['extra_details']);
$extra_details_escape = str_replace('\r\n','LiNeBrEaK',$extra_details_escape);
$extra_details_escape = stripslashes($extra_details_escape);
$extra_details_escape = str_replace('LiNeBrEaK','\r\n',$extra_details_escape);
mysql_query("UPDATE table SET column = '$extra_details_escape' WHERE id = '$id'");
Many thanks,
Joe
Have you tried nl2br() ?
Try this, post string sanitization:
$extra_details_escape = nl2br($_POST['extra_details']);
The technical post webpages of this site follow the CC BY-SA 4.0 protocol. If you need to reprint, please indicate the site URL or the original address.Any question please contact:yoyou2525@163.com.