Insert and fetch value in MYSQL through textarea tag

**Atli** · Feb 9 '10, 11:35 AM

Hey.

Textareas take their data as plain-text, in which line breaks are represented as a combination of the "\r" and "\n" characters. - HTML, on the other hand, does not recognize the plain-text line breaks. It uses the <br> tag as line-breaks (<br /> in XHTML).

Which means that when you want to print plain-text data (such as the text from a textarea) into HTML, you need to convert the plain-text line-breaks to HTML line breaks.

Like with most common tasks, PHP has a function that does this for you: the nl2br() function. See the manual entry for more details.

**robin1983** · Feb 9 '10, 11:58 AM

Thanks for quick response and it working properly but i face a new problem if the content that i copy contain the ' ' (single quote), the mysql is facing issue and it wont allowing to insert the data. can you please help me in ignoring the single quote.

Thanks

**Atli** · Feb 9 '10, 12:13 PM

That is a very common problem. In fact, that is the #1 security problem PHP applications face.
It's called SQL Injection; an attack on a database using purposefully malformed SQL statements.

To protect against it, you must escape all characters in user input that MySQL might mistakenly parse as is if it were something other than text. The two best methods of dealing with this in PHP/MySQL is to use the mysql_real_esca pe_string function or Parameterized Statements. - The latter is arguably superior, but the former easier to use.

**robin1983** · Feb 9 '10, 12:27 PM

Dear Atil,

Thank you very very much, now i have used mysql_real_esca pe_string function and its working properly. Thank you very very much for the help.

I will be back incase i face any more issue.

With Regards,

Robin

Insert and fetch value in MYSQL through textarea tag

Insert and fetch value in MYSQL through textarea tag

Comment

Comment

Comment

Comment