How to preserve hyperlink when submitting via php form into MySQL

Posted by TheTub on Stack Overflow See other posts from Stack Overflow or by TheTub
Published on 2009-10-27T18:57:50Z Indexed on 2010/04/20 21:03 UTC
Read the original article Hit count: 341

Filed under:
|
|
|

Hi All,

I've created a form that stores free text fields into a MySQL database.

All works fine and the data is displayed back as intended when viewed. Except for one niggle.

In an attempt to prevent malicious attacks I have used mysql_real_escape_string to remove any unwanted code from the input.

However, I need to be able to preserve hyperlinks and basic html.

For example, I want to store the following:

<p align="left">Please follow this <a href="link.html">link</a></p>

But the link is being stored as \"link.html\" as the quotes are being escaped.

How can I preserve this link and other html?

Many thank

TT

© Stack Overflow or respective owner

Related posts about php

Related posts about form