我想要的是当用户在描述框中输入换行符时,即:HTML中的textarea,则所有数据都安全地存储在SQL数据库中,但是如果用户给出链接,则链接也变为文本,但是当用户在描述文本框中输入回车符或换行符时,则它保存在数据库中,并且在从数据库中检索它时,将再次显示换行符.
//In The text area the user enter the text. Here I want if user gives html links then links becomes text and if user give line break then line break store in the database and I can get back as it is how user submitted the form. Also I want to store data securely for avoiding sql injection but dont have the exact idea how to do it.
$text = $_POST['description'];
$text = htmlentities($text); // Here I want to remove html entities for avoiding sql injection
$text = mynl2br($text);
// Now Fire Insert Query All the data save but while retrieving the data I am not able to get line break and turning links to the text.
function mynl2br($text) {
return strtr($text, array("
" => '
', "" => '
', "
" => '
'));
}
这就是我正在执行的操作,但是链接仍然是链接,并且在我检索文本时显示的内容没有换行符.一行或一段落中的所有文本.
请在上面的代码中建议我做错了什么.以及如何避免sql注入并可以安全地存储和检索数据.