DEVHIDE
Login Or Sign up

PHP Sanitized markdown - html output

2.1k Views Asked by At

I have WMD editor on my site, and i store the markdown in the DB. But before i send the markdown to database i filter it with mysql_real_escape_string, like that:

$to_database = mysql_real_escape_string($_POST['markdown']);

And it's okay. But now I want to show it, so i use PHP Markdown (which converts markdown to html). But the problem is that it shows me \r\n and \n instead of new lines. I tried nl2br function, but it didn't help. Even if I do not escape the output (do not convert markdown to html and using htmlpurifier) I still get \n instead of new lines. Only when I remove mysql_real_escape_string it looks fine.

bbbbbbbbbbb nnnnnnnnn

php mysql-real-escape-string wmd-editor wmd-markdown
Original Q&A
2

There are 2 best solutions below

2
On BEST ANSWER

They are being converted and are no longer acting as line breaks. You want to replace them:

$markdown = str_replace('\r\n','<br/>',$_POST['markdown']);
$markdown = str_replace('\n','<br/>',$markdown);

You might also want to do this:

$markdown = html_entity_decode($markdown);
0
On

You may have something sitting on your input layer and escaping incoming characters with backslashes, so that when you use mysql_real_escape_string you're actually getting double-escaped content.

If you are very unlucky that thing might be magic_quotes_gpc in which case you should get rid of it ASAP, or if you really can't then work around it.

Related Questions in PHP

Related Questions in MYSQL-REAL-ESCAPE-STRING

Related Questions in WMD-EDITOR

Related Questions in WMD-MARKDOWN

Trending Questions

Popular # Hahtags

javascript python java c# php android html jquery c++ css ios sql mysql r reactjs node.js arrays c asp.net json python-3.x ruby-on-rails .net sql-server swift django angular objective-c pandas excel

Popular Questions

Copyright © 2021 Jogjafile Inc.