Solved

Preserving special characters and carriage returns from textarea into database

Posted on 2007-11-20
2
1,529 Views
Last Modified: 2013-12-13
I have a form with a textarea and I want to insert the textarea value into a table...here is the table structure and code:

messageid INT
type TINYINT
authorid INT
datetime DATETIME
subject VARCHAR 100
message MEDIUMTEXT

And here is the code:
$sql = "INSERT INTO messages ";
$sql .= "(";
$sql .= "type, ";
$sql .= "authorid, ";
$sql .= "datetime, ";
$sql .= "subject, ";
$sql .= "message";
$sql .= ") VALUES (";
$sql .= "0, ";
$sql .= $fromuserid . ", ";
$sql .= "\"" . date("Y-m-d H:i:s", time()) . "\", ";
$sql .= "\"" . $subject . "\", ";
$sql .= "\"" . addslashes($message) . "\"";
$sql .= ")";
$safesql = & new SafeSQL_MySQL; //class module to protect against SQL injection attacks
$sql = $safesql->query($sql);
mysql_select_db($mysql);
mysql_query($sql);      

This inserts this text fine:
"

------------ Original Message -----------
From: <a href="profile.php?id=71">Meggie D</a>
Date: 2007-11-19 10:58 AM

Testing 1..2..3...
"

However, upon selecting and displaying this data, it seems as if somewhere in the process all the line feeds and carriage returns got stripped or do not come back out of the table correctly.

Any ideas as to what it is I'm doing wrong?

Thanks.
0
Comment
Question by:HarpuaFSB
2 Comments
 
LVL 142

Accepted Solution

by:
Guy Hengel [angelIII / a3] earned 500 total points
ID: 20323193
you have to be aware that the newline, in html, will do nothing.
you have, for the linebreak in html to get "visible", be translated into the string <br>.

check out the nl2br() function of php for that

0
 
LVL 21

Expert Comment

by:nizsmo
ID: 20323227
as angellll said, it is because the newline "\n" character won't be displayed in html, so you will need to do this when you insert and it will convert the newline characters into <br>'s:


$sql = "INSERT INTO messages ";

$sql .= "(";

$sql .= "type, ";

$sql .= "authorid, ";

$sql .= "datetime, ";

$sql .= "subject, ";

$sql .= "message";

$sql .= ") VALUES (";

$sql .= "0, ";

$sql .= $fromuserid . ", ";

$sql .= "\"" . date("Y-m-d H:i:s", time()) . "\", ";

$sql .= "\"" . $subject . "\", ";

$sql .= "\"" . nl2br(addslashes($message)) . "\"";

$sql .= ")";

$safesql = & new SafeSQL_MySQL; //class module to protect against SQL injection attacks

$sql = $safesql->query($sql);

mysql_select_db($mysql);

mysql_query($sql);  

Open in new window

0

Featured Post

U.S. Department of Agriculture and Acronis Access

With the new era of mobile computing, smartphones and tablets, wireless communications and cloud services, the USDA sought to take advantage of a mobilized workforce and the blurring lines between personal and corporate computing resources.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Suggested Solutions

Title # Comments Views Activity
.php tree directory? 5 56
How to use md5 hashing 3 28
How do I change the from header when sending a mail 1 18
using php variable inside javascript 5 15
I imagine that there are some, like me, who require a way of getting currency exchange rates for implementation in web project from time to time, so I thought I would share a solution that I have developed for this purpose. It turns out that Yaho…
Nothing in an HTTP request can be trusted, including HTTP headers and form data.  A form token is a tool that can be used to guard against request forgeries (CSRF).  This article shows an improved approach to form tokens, making it more difficult to…
Learn how to match and substitute tagged data using PHP regular expressions. Demonstrated on Windows 7, but also applies to other operating systems. Demonstrated technique applies to PHP (all versions) and Firefox, but very similar techniques will w…
The viewer will learn how to dynamically set the form action using jQuery.

895 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

15 Experts available now in Live!

Get 1:1 Help Now