I have some values in one mysql table:

Tom's SomeText
<html>
And some other text

I want to show these values in a div container and I can only see this:

Tom's SomeText

And some other text

When I want to show the same values in a textarea I get this:

Tom's SomeText
<html>
And some other text

I have mysql in UTF-8-general CI and my php files are UTF8 encoded. Also I added

<meta charset="UTF-8">

just to be sure. ... but it doesn't work.

FIRST PHP (here '<'html'>' is not shown)

<?php
$sql="SELECT * FROM posts";
$result=$conn->query($sql);

if($result->num_rows>0)
{
    while($row = $result->fetch_assoc())
    {
    ?>
        <div class="col span_2_of_3">
        <a href="post_edit.php?edit_id=<?php echo $row['id']; ?>"><div class="dl"><h2>EDIT</h2></div></a>
        <p><?php echo nl2br($row["content"]); ?></p>
        </div>
    <?php
    }
}
else{
    echo "shit";
}

SECOND PHP (here '<'html'>' is shown)

$sql_query="SELECT * FROM posts WHERE id=".$edit['id'];
    $edit_f=$conn->query($sql_query);
    if($edit_f->num_rows>0)     {
        while($red = $edit_f->fetch_assoc())    {
            echo '<textarea rows="1000" id="postcontent" name="postcontent">'.$red['content'].'</textarea><br>';
        }
    }
    ...

Even here (in stackoverflow's textarea, if I use this symbol '<' without '', it gets hidden :) )

How to fix my problem?

Big thanks in advance

Boris P
  • Elements are rendered; you need to convert the `<`, `>`s to entities, use `htmlspecialchars`. http://php.net/manual/en/function.htmlspecialchars.php – chris85 Nov 26 '16 at 17:02
  • Possible duplicate of [How to prevent XSS with HTML/PHP?](http://stackoverflow.com/questions/1996122/how-to-prevent-xss-with-html-php) – chris85 Nov 26 '16 at 17:03
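
The `htmlspecialchars` approach from the comment above, applied to the three output contexts in the question (link attribute, paragraph, textarea). This is an added example, not code from the original post: the helper names `e()`, `renderParagraph()`, `renderTextarea()` and `renderEditLink()` are hypothetical, and `$row` is a constructed stand-in for a `fetch_assoc()` result so the script runs without a database.

```php
<?php
declare(strict_types=1);

// Constructed sample row (assumption): the question's three lines plus one
// line that would close the textarea early if it were echoed unencoded.
$row = [
    'id'      => '7',
    'content' => "Tom's SomeText\n<html>\nAnd some other text\n</textarea><b>not bold</b>",
];

/** Encode a value for HTML text nodes and quoted attribute values. */
function e(string $value): string
{
    // ENT_QUOTES encodes both ' and "; ENT_SUBSTITUTE replaces invalid UTF-8
    // with U+FFFD instead of making the whole result an empty string.
    return htmlspecialchars($value, ENT_QUOTES | ENT_SUBSTITUTE, 'UTF-8');
}

/** Paragraph context: encode first, then turn newlines into <br /> tags. */
function renderParagraph(array $row): string
{
    // nl2br() runs last; in the other order its own <br /> tags get encoded.
    return '<p>' . nl2br(e($row['content'])) . '</p>';
}

/** Textarea context: encode only, the browser keeps the newlines itself. */
function renderTextarea(array $row): string
{
    // Without e(), stored text containing </textarea> would end the element
    // and whatever follows would be parsed as page markup.
    return '<textarea rows="10" id="postcontent" name="postcontent">'
        . e($row['content']) . '</textarea>';
}

/** Link context: the id is numeric, so force it to an integer. */
function renderEditLink(array $row): string
{
    return '<a href="post_edit.php?edit_id=' . (int) $row['id'] . '">EDIT</a>';
}

echo renderEditLink($row), "\n";
echo renderParagraph($row), "\n";   // <html> appears as visible text: &lt;html&gt;
echo renderTextarea($row), "\n";    // the edit form shows the stored text unchanged
```

The browser decodes the entities when it displays the textarea, so the value submitted by the edit form is the original text and the database keeps storing it unencoded.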
