aliento Posted March 24, 2013 Share Posted March 24, 2013 Hello, i use mysql_real_escape_string() to avoid sql injections but it escapes and line breaks \n. What should i do to keep the line breaks from the form and be protected by injections. Thank you Link to comment https://forums.phpfreaks.com/topic/276086-avoid-sql-injection-but-still-have-break-lines/ Share on other sites More sharing options...
PaulRyan Posted March 24, 2013 Share Posted March 24, 2013 When outputting the data, use nl2br to convert line ending characters to new lines. Take this for example: <?PHP $string = "This is a string. \r\n This is on a new line."; echo 'Without nl2br() <br> "'. $string.'"'; echo '<br>---------------------------<br>'; echo 'With nl2br() <br> "'. nl2br($string) .'"'; ?> Link to comment https://forums.phpfreaks.com/topic/276086-avoid-sql-injection-but-still-have-break-lines/#findComment-1420716 Share on other sites More sharing options...
Recommended Posts
Archived
This topic is now archived and is closed to further replies.