PHP Sanitized markdown - html output

I have WMD editor on my site, and i store the markdown in the DB. But before i send the markdown to database i filter it with mysql_real_escape_string, like that:

$to_database = mysql_real_escape_string($_POST['markdown']);

And it's ok开发者_StackOverflow中文版ay. But now I want to show it, so i use PHP Markdown (which converts markdown to html). But the problem is that it shows me \r\n and \n instead of new lines. I tried nl2br function, but it didn't help. Even if I do not escape the output (do not convert markdown to html and using htmlpurifier) I still get \n instead of new lines. Only when I remove mysql_real_escape_string it looks fine.

bbbbbbbbbbb nnnnnnnnn

You may have something sitting on your input layer and escaping incoming characters with backslashes, so that when you use mysql_real_escape_string you're actually getting double-escaped content.

If you are very unlucky that thing might be magic_quotes_gpc in which case you should get rid of it ASAP, or if you really can't then work around it.

They are being converted and are no longer acting as line breaks. You want to replace them:

$markdown = str_replace('\r\n','<br/>',$_POST['markdown']);
$markdown = str_replace('\n','<br/>',$markdown);

You might also want to do this:

$markdown = html_entity_decode($markdown);