Dane Posted December 1, 2007 Share Posted December 1, 2007 Hey guys. I am using mysql_real_escape_string and htmlentities $var = mysql_real_escape_string(htmlentities($row['body'])); But when i enter a line break in my database <br /> It comes up with stuff like <br />/r/n How can i add breaks into the data ill pulling out? Thanks Link to comment https://forums.phpfreaks.com/topic/79690-solved-line-breaks/ Share on other sites More sharing options...
Dane Posted December 1, 2007 Author Share Posted December 1, 2007 <br /> is what i enter Link to comment https://forums.phpfreaks.com/topic/79690-solved-line-breaks/#findComment-403545 Share on other sites More sharing options...
PHP_PhREEEk Posted December 1, 2007 Share Posted December 1, 2007 You can try nl2br http://us2.php.net/manual/en/function.nl2br.php PhREEEk Link to comment https://forums.phpfreaks.com/topic/79690-solved-line-breaks/#findComment-403548 Share on other sites More sharing options...
revraz Posted December 1, 2007 Share Posted December 1, 2007 nl2br ? Link to comment https://forums.phpfreaks.com/topic/79690-solved-line-breaks/#findComment-403549 Share on other sites More sharing options...
Dane Posted December 1, 2007 Author Share Posted December 1, 2007 $var = nl2br(mysql_real_escape_string(htmlentities($row['body']))); returns <br />\r\n im using bbcode aswell.. Link to comment https://forums.phpfreaks.com/topic/79690-solved-line-breaks/#findComment-403562 Share on other sites More sharing options...
Wes1890 Posted December 1, 2007 Share Posted December 1, 2007 Just do a simple substr() $var = mysql_real_escape_string(htmlentities(substr("\r\n","<br />",$row['body']))); It replaces \r\n with <br /> Link to comment https://forums.phpfreaks.com/topic/79690-solved-line-breaks/#findComment-403566 Share on other sites More sharing options...
PHP_PhREEEk Posted December 1, 2007 Share Posted December 1, 2007 You said your <br's were getting turned into newlines on the way into the db. nl2br should re-convert it back when the data is pulled out. You don't need to do MRES or htmlentities on the info coming back out. It should have been sanitized on the way in. Kind of like addslashes going in, strip them coming out. you wouldn't addslashes going in, then addslashes again when you pull the data out. PhREEEk Link to comment https://forums.phpfreaks.com/topic/79690-solved-line-breaks/#findComment-403567 Share on other sites More sharing options...
Dane Posted December 1, 2007 Author Share Posted December 1, 2007 ok, thanks, think its sorted Link to comment https://forums.phpfreaks.com/topic/79690-solved-line-breaks/#findComment-403572 Share on other sites More sharing options...
Dane Posted December 1, 2007 Author Share Posted December 1, 2007 So to conclude this and to stop any sql injection... what would be the best way to input into the database htmlentities mres addslashes stripslashes? thanks Link to comment https://forums.phpfreaks.com/topic/79690-solved-line-breaks/#findComment-403576 Share on other sites More sharing options...
Wes1890 Posted December 1, 2007 Share Posted December 1, 2007 Just mysql_real_escape_string() should work to prevent mysql injection Link to comment https://forums.phpfreaks.com/topic/79690-solved-line-breaks/#findComment-403578 Share on other sites More sharing options...
Dane Posted December 1, 2007 Author Share Posted December 1, 2007 Awesome, thanks for all ur help guys <3 Link to comment https://forums.phpfreaks.com/topic/79690-solved-line-breaks/#findComment-403580 Share on other sites More sharing options...
Recommended Posts
Archived
This topic is now archived and is closed to further replies.