0

hello i was trying to insert whole html data into database for which i used 

$details = htmlspecialchars(stripslashes(mysql_real_escape_string($_POST['message'])));

which seem to work fine as before it was giving error as there were extra "" while inserting the html for eg "<p>hello</p>" so by using the above it got inserted by now when i am trying to retrieve the data its not coming in correct format.

can some one point me what to use with <?php echo $row['details']; ?> to get the correct html format

Param Veer
  • 776
  • 4
  • 13
  • 27
  • And where did you find this method of preparing text for database insertion? It's very much exactly the wrong escaping function order. Look into prepared statements. – mario Mar 05 '13 at 18:45
  • possible duplicate of [PHP: Decoding Html Entities](http://stackoverflow.com/questions/11581555/php-decoding-html-entities) or better: http://stackoverflow.com/questions/6465263/reverse-htmlentities – mario Mar 05 '13 at 18:46
  • Does the data have to be human readable while in the database? If not, I'd just `encode in base64` for storage, then `decode from base64` to display it. – WhoaItsAFactorial Mar 05 '13 at 18:47
  • no the data is not be readable to humans in database lol . but still is there any way to get it in correct format with the functions i used while inserting data into database – Param Veer Mar 05 '13 at 18:50
  • the suggested links does not give the the result :( – Param Veer Mar 05 '13 at 18:53
  • for eg i want this in normal html `rn<p>bnn &nbsp;<img src="/neeti/wedding%20website/admin/data/img/uploads/1280_Golf With Sun.jpg" style="line-height: 1.5em; cursor: nw-resize; width: 257.6px; height: 161px;"></p>rn` – Param Veer Mar 05 '13 at 18:55

1 Answers1

1

Don't use stripslashes. because mysql_real_escape_string put / before each quote (" '). when you use stripslashes, it will remove that slashes. so you dont get proper output

Sumit Bijvani
  • 8,154
  • 17
  • 50
  • 82
  • this was really something useful. I removed `stripshlases` from the input of data and it worked like a charm thanks for saving me to be awake at late night :) – Param Veer Mar 05 '13 at 19:05