dacoder96
04-20-2011, 02:11 AM
Hi,
I have developed my own messaging system and I would like some help on how to store posts that users make.
At the moment they are stored in the database with nl2br() being executed on the message BEFORE it is stored. Users have discovered the HTML entities loop hole and I need to fix it ASAP. If I use htmlentities() then all <br /> tags are going to be converted, which will mess up the output because everything is put onto one line.
So I need a way to output the messages so that multi-line works normally but they can't use HTML tags.
Does anybody know how to do this? I am guessing it will require me to leave \n in the database version and on output, convert it to <br />
Thanks.
I have developed my own messaging system and I would like some help on how to store posts that users make.
At the moment they are stored in the database with nl2br() being executed on the message BEFORE it is stored. Users have discovered the HTML entities loop hole and I need to fix it ASAP. If I use htmlentities() then all <br /> tags are going to be converted, which will mess up the output because everything is put onto one line.
So I need a way to output the messages so that multi-line works normally but they can't use HTML tags.
Does anybody know how to do this? I am guessing it will require me to leave \n in the database version and on output, convert it to <br />
Thanks.