changing plain txt to html

[jez]

Hi there,

I have a standard text box on a form, which feeds a database to be output another page of the site.

What i am trying to do is preserve the newline characters entered, but nothing else and specifically stopping any nasty chacters that can either break the sql or worse.

I have tried doing the following

//$pageText = str_replace("'", "’", $_GET['pagetext']);
$pageText = str_replace('"', "’", $_GET['pagetext']);
//$pageText = str_replace(" "," ", $pageText);
$nPageText = preg_replace("/(\015\012)|(\015)|(\012)/","\$1 &nbsp;<br>",$pageText);
//$nPageText = urlencode($nPageText);

and then inserting $nPageText into the db.

As it is, with the comments it does preserve the newlines, but it may not be too secure.

Also when i return to edit it, the content in the database has the html code in it, which i can seem to get rid of... i am trying

where $nPageText is now coming out of the database.
$pageText = preg_replace("<br>","#015",$nPageText);

But this leaves me with &gt;and &lt; scattered through the text....

Can anyone show me where i'm going wrong.


Thanks


JEz

 

[jez]

that should have read "leaves < and > thorugh the text

 

[sleipnir214]

Have you looked at nl2br()?

Want the best answers? Ask the best questions!

TANSTAAFL!!

 

[jez]

thanks, that does the trick, i figured there must be a easy way to do it...

now i have...

$pageText = nl2br($_GET['pagetext']);
$pageText = urlencode($pageText);
$sql .= ",pageText=\"$pageText\"";

so i can strip any nasty characters out with urlencode aswell!

Thanks.

JEz