Hello and welcome to our community! Is this your first visit?
Register
Enjoy an ad free experience by logging in. Not a member yet? Register.
Results 1 to 3 of 3
  1. #1
    New Coder
    Join Date
    Jul 2009
    Location
    Most of the time - internet
    Posts
    85
    Thanks
    0
    Thanked 1 Time in 1 Post

    Question Storing & Retrieving messages from the database

    Hi,

    I have developed my own messaging system and I would like some help on how to store posts that users make.
    At the moment they are stored in the database with nl2br() being executed on the message BEFORE it is stored. Users have discovered the HTML entities loop hole and I need to fix it ASAP. If I use htmlentities() then all <br /> tags are going to be converted, which will mess up the output because everything is put onto one line.

    So I need a way to output the messages so that multi-line works normally but they can't use HTML tags.

    Does anybody know how to do this? I am guessing it will require me to leave \n in the database version and on output, convert it to <br />

    Thanks.

  • #2
    Codeasaurus Rex
    Join Date
    Jun 2008
    Location
    Redmond, WA
    Posts
    659
    Thanks
    31
    Thanked 100 Times in 94 Posts
    I believe a common method is to use htmlentities after the nl2br.

    As such:
    PHP Code:
    <?php

    $forDB 
    nl2brhtmlentities$_POST['message'] ) );

    ?>
    Don't forget to also sanitize your input using a function such as mysql_real_escape_string()
    Unless otherwise stated, any code posted is most likely untested and may contain syntax errors.
    My posts, comments, code, and suggestions reflect only my personal views.
    Web Portfolio and Code Snippets: http://shanechism.com

  • #3
    New Coder
    Join Date
    Jul 2009
    Location
    Most of the time - internet
    Posts
    85
    Thanks
    0
    Thanked 1 Time in 1 Post
    Works brilliantly! Thank you!


  •  

    Posting Permissions

    • You may not post new threads
    • You may not post replies
    • You may not post attachments
    • You may not edit your posts
    •