Reputation: 190
Saving data to database from textarea
I am a newbie in PHP. I just want to know why every time I save a string data from textarea it's always having the <p> string </p> format inserted in the database. This is my code:
<table>
<tr>
<td>
<textarea name="event_desc" cols="40" rows="10" id="event_desc"></textarea>
</td>
</tr>
<tr>
<td> </td>
<td><input type="submit" name="Add" id="Add" value="Add event" /></td>
</tr>
</table>
And everytime i include a single quotation ('), it always appears as " & #39;" without space.This is the sample output:
input: test2 ' (and every space i made count)
<p> test2 ' $</p>
I already use mysql_real_escape_string, addslashes and stripslashes.
This is my code in saving into database:
<?php
if(isset($_REQUEST['Add']))
{
$event_title=$_POST['event_title']; $event_desc=mysql_real_escape_string($_POST['event_desc']);
$section=$_POST['section'];
$get_date=NOW;
if($event_title=="" || $event_desc=="")
{
echo'<div class="warning">Some of the fields are empty.</div>';
}
else
{
mysql_query("INSERT INTO events (`event_title`, `event_desc`,`event_date`,`event_target`) VALUE('$event_title','$event_desc','$get_date','$section')") or die(mysql_error('Error: Error in adding entries'));
echo'<div class="success">You have just added 1 event for School. You will be redirect in 5 seconds</div>';
echo "<META HTTP-EQUIV='Refresh' CONTENT='5; URL=events.php'>";
}
}
?>
Thanks you guys for the help.
Upvotes: 2
Views: 6205
Answers (4)
Reputation: 310
Other than traditional methods mention above.
We can encode string coming from text area using "base64_encode" and then store in db...While retrieving from db decode it back using "base64_decode" function.
Note:- As per document it consume 33% more space.
Ref:- http://php.net/manual/en/function.base64-encode.php
Upvotes: 0
Reputation: 5094
my suggestion will be to use mysqli::real_escape_string with prepared statements
click mysqli::real_escape_string
Upvotes: 2
Reputation: 22711
You can use addslashes() while storing into db and use to retrive if it is encoded htmlspecialchars_decode
<?php
$str = "<p>this -> "</p>\n";
echo htmlspecialchars_decode($str);
// note that here the quotes aren't converted
echo htmlspecialchars_decode($str, ENT_NOQUOTES);
?>
OUTPUT:
<p>this -> "</p>
<p>this -> "</p>
Ref: http://www.php.net/manual/en/function.htmlspecialchars-decode.php
Upvotes: 1
Reputation: 555
Your saving html encoded text to your database. Punctuation are encoded when viewing in a page. So you have to decode them some how. I'm not a PHP person, but I know this is your problem.
Upvotes: -2
Related Questions
- How do i post text from textarea to mysql database
- Saving text area into mySQL database field PHP
- sending data from textarea to mysql
- PHP insert textarea text into database
- Saving textarea in the database
- Storing pure text from a textarea to a MySQL database correctly
- Saving textarea contents to mysql then displaying correctly on page
- How do I save text from a textarea into a MySQL database with PHP when a Save button is clicked?
- php upload textarea content into mysql table
- Using PHP to save from textarea to db