Home/ Questions/Q 9200309
In Process

The Archive Base Latest Questions

Editorial Team
  • 0
Asked: 2026-06-17T22:44:15+00:00

I have a text area in a form that does this: <textarea rows=4 name=message></textarea>

  • 0

I have a text area in a form that does this:

<textarea rows="4" name="message"></textarea>

In PHP, when form is submitted, this happens:

 $text_form = $database -> escape_value($_POST['message']);

Then it is sent as part of an email message using PHPMailer:

$message .= '<p style="font-family: Arial, verdana, sans-serif;"><strong>Brief Message</strong>: ' . $text_form . '</p>';

Last here, is my database method referred to above:

public function escape_value($value) {
    if ( $this->real_escape_string_exisits ) {
    if ( $this->magic_quotes_active ) { $value = stripslashes( $value ); }
        $value = mysql_real_escape_string($value);
    } else {
        if (!$this->magic_quotes_active ) { $value = addslashes( $value ); }
    }
    return $value;      
}

This above method is virtually copied from a Lynda.com tutorial, line by line.

Now on the email, if the user hits return in the text field, he gets this

Here is line one. Now I will press return here.\r\nThis is the new line

Why is there a \r\n being added? I understand what those mean, but why do they show up?

Share

Leave an answer

You must login to add an answer.

Need An Account,

1 Answer

  1. Editorial Team

    From PHP docs:

    mysql_real_escape_string() calls MySQL’s library function mysql_real_escape_string, which prepends backslashes to the following characters: \x00, \n, \r, \, ‘, ” and \x1a.

    So your string now contains two backslashes and two more letters instead of the newline.

    Now the question is what you do with $value later. If you insert it into an SQL statement, that’s how it should be; if you use it for the mail directly, it has literal \r\n instead of carriage return line feed.

    • 0