keep textarea input format after using mysql_real_escape_string to store

Question

I am using php5.3.6 and mysql 5.1.56 and CodeIgniter. Here is what I did.

1. Input some text in textarea, something like this:

   ---

   what\'s this?

Answer 1

You must escape data before inserting it into the database, to ensure you do not produce broken queries and to avoid SQL injections. However, when you retrieve that data via a SELECT, you'll receive the data unescaped, ready to be used.