formatting data from a database
 

So, I've created a website where users can comment on entries, their comments are stored in MySQL and then displayed under each entry. I'm not sure if I'm asking this correctly, but how do you format their entry on the site? What I mean, for example, is if someone types this in the form:

It is stored in the database like this:

...but when it is read from the database and put on the site it looks like this:

Is there a way to display it with the different line on the site like it was typed?

Are you using php? If so, check out the functions nl2br() and htmlspecialchars()
That should give you something to start from.

Most likely it is the browser that is at 'fault'.
try outputting the results from the database surrounded by PRE /PRE tags in the HTML code.
That should keep whitespace formatting as it was entered.

Try looking in the source of your webpage (rightclick->view source) and see wether the text was received correctly. If it is correct in the source (which means it was interpreted and sent correctly by the server) using PRE tags should work.

Welshbyte's suggestion of nl2br() should work as well. It puts BR tags in the output, forcing the browser to start a new line.

The nl2br() function works well...thanks! I looked up htmlspecialchars() on php.net and I don't really understand what it does.

I find that nl2br() doesn't convert Windows' \r\n endline sequence in POST data to an HTML <br> tag on some systems. Maybe it's because they have older PHP versions. If this happens to you, here's a workaround:

This may help. Basically, it converts characters that HTML doesnt like (ampersand and the like) to their HTML counterparts.

Basically, you needed the nl2br() function because the data was being stored with newline characters instead of <br> tags. Because HTML doesnt recognize the newline characters, it was displaying it all on one line.

You also might want to think about using these functions and/or maybe some other string functions (see php manual) to purify the input text _before_ you send it to the database to avoid the chances of SQL injection exploits. There's also a good chapter on this in the security section of the php manual. Its all on http://www.php.net as sailor pointed out :thumbsup:

nl2br!!!!!! and here I've been using preg_replace all this time. I feel so ashamed.

Relax. At least yours works. I wrote the little snippet above because nl2br() doesn't always work.

In addition to SQL injections, you're going to want to do something about people posting HTML that contains malicious scripts and ActiveX objects. That's why all of these forum programs use the funky "bbCode" square bracket markup.