formating a comment

[eluser]timaksu[/eluser]
hi guys. users can submit comments in my website, and to make the comments safe i do this before putting the string into the database:

Code:

$text = strip_tags($text);
    $text = nl2br($text);
    $text = mysql_real_escape_string($text);

it works but creates extra \n's due to the mysql escape... when i remove the escape it works, but i havnt escaped it.. and when i move the nl2br under the escape, the \n's wont get changed to <br />'s (in any way at all).

i was also wondering if there was a way to do all this with functions provided by codeigniter.

lastly, does it matter if i dont escape? i use this

Code:

$this->db->insert

to insert the right stuff into the right table/rows. does it escape on its own? (i was told that these db functions do that on their own? i dont know. i wanted to make sure)

thanks

[eluser]TheFuzzy0ne[/eluser]
If you're inserting using CodeIgniter's Active Record class, it automatically escapes the string for you, so in essence, it's being escaped twice, which is causing the problem.

[eluser]timaksu[/eluser]
all fixed now 8-/