Hi All I have a problem with outputting data.
Everything that is posted via $_POST I first secure with the following statement:
$variable = mysql_real_escape_string($variable);
Now I have a form where people can enter text. When something went wrong people do not have to type in al the text again. it is first stored in mysql and then loaded again in the form.
For example it can look like this (enters):
input line one
input line two
input line three
When it is loaded again it is converted into: input line one\r\ninput line two\r\ninput line three. This should not happen. Or it should to make the input save. But when I echo this I get these \r\n. How can I visualize the ouput with enters again?
B.r.
Herman
mysql_real_escape_string
Moderator: General Moderators
- AbraCadaver
- DevNet Master
- Posts: 2572
- Joined: Mon Feb 24, 2003 10:12 am
- Location: The Republic of Texas
- Contact:
Re: mysql_real_escape_string
Different problem, probably same solution: viewtopic.php?f=1&t=116557
mysql_function(): WARNING: This extension is deprecated as of PHP 5.5.0, and will be removed in the future. Instead, the MySQLi or PDO_MySQLextension should be used. See also MySQL: choosing an API guide and related FAQ for more information.
Re: mysql_real_escape_string
I tried this but it is not working. An 'enter' gets a \r\n.
- AbraCadaver
- DevNet Master
- Posts: 2572
- Joined: Mon Feb 24, 2003 10:12 am
- Location: The Republic of Texas
- Contact:
Re: mysql_real_escape_string
The \r\n was in the original text that was entered so it is still there. If you actually want to see it in HTML, try nl2br().herman101 wrote:I tried this but it is not working. An 'enter' gets a \r\n.
mysql_function(): WARNING: This extension is deprecated as of PHP 5.5.0, and will be removed in the future. Instead, the MySQLi or PDO_MySQLextension should be used. See also MySQL: choosing an API guide and related FAQ for more information.
Re: mysql_real_escape_string
I think that must work. I plot the text back in a txt area like this:
<textarea name="verhaal" rows="12" cols="63">
<?php echo nl2br($message,false); ?>
</textarea>
It need to change it in some place. Can you help with that?
<textarea name="verhaal" rows="12" cols="63">
<?php echo nl2br($message,false); ?>
</textarea>
It need to change it in some place. Can you help with that?
Re: mysql_real_escape_string
I got something working:) Keep de mysql_real _escape_string. When I want to put out my $variable I pas it through the stripcslashes function. That works!
- AbraCadaver
- DevNet Master
- Posts: 2572
- Joined: Mon Feb 24, 2003 10:12 am
- Location: The Republic of Texas
- Contact:
Re: mysql_real_escape_string
That was my original post. You need to stripslashes() before you insert.herman101 wrote:I got something working:) Keep de mysql_real _escape_string. When I want to put out my $variable I pas it through the stripcslashes function. That works!
mysql_function(): WARNING: This extension is deprecated as of PHP 5.5.0, and will be removed in the future. Instead, the MySQLi or PDO_MySQLextension should be used. See also MySQL: choosing an API guide and related FAQ for more information.
Re: mysql_real_escape_string
Actually, you need to "split" the variable path through the source, depending on when you plan yo use it. For the fork in the road that goes to the database, use mysql_real_escape_string(). For the fork in the road that goes to HTML, escape HTML special chars, nl2br(), etc.