>That looks like the result of htmlentities(nl2br($string)).

Actually, it's probably the result of just nl2br($string) and being in the
midst of the INPUT tag in the first place...

>Do it the other way around.
>
>Better yet, don't call nl2br or htmlentities or anything else on data that
>you are inserting into your database. Madness that way lies.
>Instead, use those functions only when outputting data to the browser.

Yes!  I forgot to say that part.  Don't put the nl2br() part in before you
insert it to the database.

You'll give yourself a major headache some day, like when you need to send
that data off to something that's *not* a browser.  And it *will* happen,
sooner or later.

You *DO* need the htmlentities() to change your $string into valid HTML, so
you can send it to the browser and fish it back out reliably.

You are essentially treating the browser as a "data storage facility", but a
browser only accepts HTML data.

Thus, you must convert your data into HTML using htmlentities() when storing
it there.

You do *NOT* want to convert it with htmlentities() or nl2br() when storing
it in MySQL.

You only want to use Magic Quotes *OR* addslashes() to store into MySQL.

Then, only when you *finally* output it to the end-user do you want to use
nl2br() to add any HTML needed to properly display it.

I hope this is making some sense now.  It's hard to know when to apply these
functions, but the two basic rules I would suggest you try to follow are:

Be sure you use the right function to store the data in the place you're
putting it:

htmlentities to "store" HTML data
addslashes() to "store" MySQL data (Or Magic Quotes instead of addslashes)
nl2br() only to output the data in the final rendering to the end-user

And, only apply these functions at the last minute that you have to --
Applying them any sooner than that will give you a data-headache.

Still, though, using the browser as a "data storage facility" in a multi-page
FORM is not such a Good Idea (tm) in the first place.

The browser is really good at *presenting* data, but wasn't really designed
as a substitute for a database.  Put your data into the database as soon as
possible.  MySQL is *really* good at data storage.

-- 
Like Music?  http://l-i-e.com/artists.htm


-- 
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php
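
The ordering discussed in the message above, as an added example that is not part of the original post: the same raw string is encoded once for a hidden form field and once for final display, next to the two mis-ordered forms from the thread. The function names and the sample string are constructed for illustration.

```php
<?php
// Added example, not code from the original message. Function names are
// hypothetical; $raw is a constructed sample of user-typed text.

// Context 1: carrying the value through a form field between pages.
// Entity-encode only; ENT_QUOTES so a quote cannot end the attribute.
function as_hidden_field(string $name, string $raw): string
{
    return sprintf(
        '<input type="hidden" name="%s" value="%s">',
        htmlentities($name, ENT_QUOTES, 'UTF-8'),
        htmlentities($raw, ENT_QUOTES, 'UTF-8')
    );
}

// Context 2: final rendering to the end-user. Encode first, then let
// nl2br() add its <br /> tags, so those tags are not themselves encoded.
function as_display_html(string $raw): string
{
    return nl2br(htmlentities($raw, ENT_QUOTES, 'UTF-8'));
}

$raw = "Line one \"quoted\" <b>\nLine two";

echo as_hidden_field('comment', $raw), "\n";
echo as_display_html($raw), "\n";

// The two mis-ordered forms from the thread, for comparison.
// Wrong order: the <br /> added by nl2br() is encoded into visible text.
echo htmlentities(nl2br($raw), ENT_QUOTES, 'UTF-8'), "\n";
// nl2br() alone inside an INPUT tag: markup and a bare quote land in value="".
echo '<input type="hidden" name="comment" value="' . nl2br($raw) . '">', "\n";

// Simulates the entity decoding a browser performs on the attribute value
// before posting it back, then compares the result with the original text.
$encoded = htmlentities($raw, ENT_QUOTES, 'UTF-8');
$posted  = html_entity_decode($encoded, ENT_QUOTES, 'UTF-8');
var_dump($posted === $raw);
```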
