3

I am new to programming with php. I've done that: There is a textarea that user writes text, and it is saved to db. But when listing the entries, the text with html tags are shown as html elements.

For example, "I'm < b >25< /b > years old" is shown "I'm 25 years old".

I want to show it as what user writes on textarea, not applying html rules. And due to this, user can not break multiple lines.

How can I avoid all html properties? is there any function or something else to help me?

Improve this question
1
  • help about multiple line breaks? Commented Mar 24, 2011 at 19:39

2 Answers 2

Reset to default
2

Run the posted content through htmlentities:

$var = htmlentities($old_var);

Note: you should also be making sure you're not making yourself vulnerable to SQL injection.

Improve this answer
Sign up to request clarification or add additional context in comments.

Comments

0

Save it to the database but escape every value that comes from a user to avoid mysql-injections.

Example:

$sqlaction = mysql_query("INSERT INTO posts (text) VALUES ('".mysql_real_escape_string($_POST['text'])."')");

if you want to Show it on a page use htmlentities like this:

<div><?php echo htmlentities($row['text']); ?></div>
Improve this answer

Comments

Your Answer

By clicking “Post Your Answer”, you agree to our terms of service and acknowledge you have read our privacy policy.

Start asking to get answers

Find the answer to your question by asking.

Ask question

Explore related questions

See similar questions with these tags.