Hi,
PHP newbie here, and my first post.
I am in the process of learning PHP. Currently I am looking at forms and DB input.
I would like to verify if my current method of keeping the linebreaks from a TEXTAREA field, and still keep the DB input safe is correct.
I use the following code to get the input from the TEXTAREA field.
$comments = mysql_real_escape_string(nl2br(filter_var($_POST["comments"], FILTER_SANITIZE_STRING)));
Is this the correct way of handling this?
Thanks