Best practice (insertion into mysql)
Posted on 2008-11-04
Hi guys firstly sorry if this is a follow up from another one i previously posted.
Guys im now using mysql_real_escape_string for all my data insertions into mysql.
I just need some help clearing the following example up.
Example of an insert:
The below is the exact thing I am typing in to a textarea field, and I want this to be DISPLAYED back exactly as I type it in.
How im inserting the above:
When I insert it, im inserting it as follows:
$bothCode = $_POST['bothcodearea'];
$bothCode = mysql_real_escape_string($bothCode);
What it looks like in the database:
In the database, it looks like below:
<?php\r\necho \\\"hi\\\";\r\necho \\\"hi\\\";\r\n?>
What it looks like on VIEWING the record from a browser:
On VIEWING the record, it looks like below:
<?phprnecho \"hi\";rnecho \"hi\";rn?>
Guys, on viewing in a browser, how do i get it to look like:
That is, exactly how i have typed it in?
On insert, should I be using nl2br?
I did try this, but when I used nl2br in conjunction with mysql_real_escape_string, it didnt work properly.
Should I only use mysql_real_escape_string on insertion, and not use any other function on insert?
Any help greatly appreciated.