Escaping, and what I'm doing wrong?
Posted: Sun Feb 24, 2008 12:46 am
hi,
i'm having some trouble with escaping/displaying a string entered via input/text fields.
in the past, i have done what i think is the same thing, but... i am getting improper characters in my output.
here is what is happening going in:
from this:
output calls this:
but shows the follow characters:
\" instead of "
\' instead of '
\r\n instead of a linebreak
any insight would be great
i'm having some trouble with escaping/displaying a string entered via input/text fields.
in the past, i have done what i think is the same thing, but... i am getting improper characters in my output.
here is what is happening going in:
Code: Select all
$q2 = "UPDATE tms_profile SET
profile_blurb = '".mysql_real_escape_string($_POST["profile_blurb"])."',
profile_title = '".mysql_real_escape_string($_POST["profile_title"])."'
WHERE profile_memid=".$memID;
$result = mysql_query($q2) or die (mysql_error());Code: Select all
<label for="profile_blurb">bio: </label>
<textarea name="profile_blurb" class="" cols="60" rows="7"></textarea>Code: Select all
<?php echo nl2br($profile_blurb); ?>\" instead of "
\' instead of '
\r\n instead of a linebreak
any insight would be great