?
Solved

Php form output

Posted on 2016-11-15
5
Medium Priority
?
27 Views
Last Modified: 2016-11-15
Dear experts,

I use below string to escape from sql injection,

$comment = $mysqli->real_escape_string($comment);

But the output has /r/n

Should i store the customer comment data like this?
What do you suggest i should do?

I also email this output

I can send the original message email store the data like this?
0
Comment
Question by:Braveheartli
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 3
5 Comments
 
LVL 111

Accepted Solution

by:
Ray Paseur earned 1000 total points
ID: 41887655
You should store the end-of-line characters if they have programmatic meaning.  If they come from a client comment, submitted via a web form, they probably have meaning and should be stored.  They will work just fine in email.

What will not work well in email is JavaScript or unwanted HTML markup.  Consider using htmlentities() to sanitize these strings before browser output or email.
1
 
LVL 111

Expert Comment

by:Ray Paseur
ID: 41887661
And in a semi-related matter...

This is a data-dependent question, with a lot of widely variable context.  When you have questions like this one, it's wise to show us your test data, and tell us how the data is going to be used.  Then we can provide more focused responses, and maybe even code examples.
0
 
LVL 58

Assisted Solution

by:Julian Hansen
Julian Hansen earned 1000 total points
ID: 41887662
A \r\n indicates a line break - which is ignored in HTML. If your email is an HTML email and you want the line break to be visible you would need to look at functions like nl2br().

However, the question is about storing the \r\n and as commented in your other question https://www.experts-exchange.com/questions/28983113/real-escape-string-Usage.html - if the \r\n has relevance for the output later then store it.
0
 
LVL 9

Expert Comment

by:Moussa Mokhtari
ID: 41887664
I totally agree with Ray , its up to you whether you save it or not after all if you are going to show \r\n on client side it will not show any thing !.
0
 
LVL 111

Expert Comment

by:Ray Paseur
ID: 41887709
... it will not show any thing
That's almost right.  It will show something, and that something will be only a single blank (space) character.  Browsers collapse consecutive whitespace characters into a single blank.  That means that five blanks looks the same in the browser viewport as one blank.  Three tabs and a line feed?  Looks like one blank. One blank?  Looks like one blank.  Forty-five EOL characters?  Yep, you guessed it!

You can tell these things apart by using "view source" to see where the rendered document contains the original formatting characters.

You can also use the <pre> tag in HTML to see the original formatting.  You can't readily tell the \r from the \n (no visual cue) but you can see most of the formatting.
0

Featured Post

Free Tool: Site Down Detector

Helpful to verify reports of your own downtime, or to double check a downed website you are trying to access.

One of a set of tools we are providing to everyone as a way of saying thank you for being a part of the community.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Originally, this post was published on Monitis Blog, you can check it here . Websites are getting bigger and more complicated by the day. Video, images and custom fonts are all great for showcasing your product or service. But the price to pay in…
This post looks at MongoDB and MySQL, and covers high-level MongoDB strengths, weaknesses, features, and uses from the perspective of an SQL user.
Video by: Mark
This lesson goes over how to construct ordered and unordered lists and how to create hyperlinks.
Learn how to create flexible layouts using relative units in CSS.  New relative units added in CSS3 include vw(viewports width), vh(viewports height), vmin(minimum of viewports height and width), and vmax (maximum of viewports height and width).
Suggested Courses

765 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question