save html-formatted text to database

I want to save HTML-formatted text to a database, but when I do that it doesn't save HTML symbols like < / > ' and others. This is how I read the article from the database for editing:

<p class="Title">Англійський варіант:</p>
    <textarea name="EN" cols="90" rows="20" value="<?php echo htmlentities($articleArr['EN'], ENT_QUOTES, "UTF-8"); ?>" ></textarea>

After this, the following HTML code is generated:

<p class="Title">Англійський варіант:</p>
    <textarea name="EN" cols="90" rows="20" value="&lt;p class=&#039;Title&#039;&gt; привыт &lt;/p&gt;" ></textarea>

So, I expect that this text will appear in my text field. It is in the HTML code of this page, but it is not in the textarea.

In the database I save it as:

<p class="Title"> Hello </p>

So how can I do the following:

  1. Read HTML-formatted text from the database.
  2. Show it in a textarea element.
  3. Edit it and save it back to the database.

Help me please, how can I save such texts properly? Thanks!


Try using htmlspecialchars() on the string to put into the DB, and then, when pulling it back out, use htmlspecialchars_decode(). Might make a difference.


Save it to a nvarchar(max) field.

Make sure you use parameterized queries for security. Read

http://www.aspnet101.com/2007/03/parameterized-queries-in-asp-net/

http://msdn.microsoft.com/msdnmag/issues/04/09/SQLInjection/

With small changes to the SQL, you can apply this to MySQL also.


There is no problem with saving your HTML code in the database, and no need to filter the data before saving. But when you want to show it again in a textarea, you should escape it.

In PHP you can use this code to escape HTML:

PHP function

See doc: htmlspecialchars

$content = htmlspecialchars( $content );

WordPress functions:

See doc: format_to_edit

$content = format_to_edit( $content , false );

OR

See doc: esc_textarea

$content = esc_textarea( $content );
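
The round trip the question asks for (read, show in a textarea, edit, save back), as an added example that is not code from any of the posts above. The `articles` table, its `en` column, the `OPEN_TAG` constant and the three function names are assumptions, and an in-memory SQLite database stands in for the real one.

```php
<?php
declare(strict_types=1);

// Assumed demo schema: articles(id, en). In-memory SQLite keeps the example offline;
// the same PDO calls work with the MySQL driver.
$pdo = new PDO('sqlite::memory:');
$pdo->setAttribute(PDO::ATTR_ERRMODE, PDO::ERRMODE_EXCEPTION);
$pdo->exec('CREATE TABLE articles (id INTEGER PRIMARY KEY, en TEXT)');
const OPEN_TAG = '<textarea name="EN" cols="90" rows="20">';

// Store the markup unmodified; the bound parameter keeps it out of the SQL text.
function saveArticle(PDO $pdo, int $id, string $html): void
{
    $stmt = $pdo->prepare('REPLACE INTO articles (id, en) VALUES (:id, :en)');
    $stmt->execute([':id' => $id, ':en' => $html]);
}

function loadArticle(PDO $pdo, int $id): string
{
    $stmt = $pdo->prepare('SELECT en FROM articles WHERE id = :id');
    $stmt->execute([':id' => $id]);
    $value = $stmt->fetchColumn();
    return $value === false ? '' : (string) $value;
}

// <textarea> has no value attribute: its content goes between the tags,
// escaped at output time so stored markup cannot close the element early.
function renderEditor(string $html): string
{
    $escaped = htmlspecialchars($html, ENT_QUOTES | ENT_SUBSTITUTE, 'UTF-8');
    return OPEN_TAG . $escaped . '</textarea>';
}

// Constructed sample input; the closing tag inside it would break an unescaped textarea.
$original = '<p class="Title"> Hello </p></textarea><b>outside</b>';
saveArticle($pdo, 1, $original);

$form = renderEditor(loadArticle($pdo, 1));
echo $form, PHP_EOL;

// The browser decodes the entities when it submits the form, so $_POST['EN'] holds
// raw markup again; html_entity_decode() stands in for that step here.
$inner = substr($form, strlen(OPEN_TAG), -strlen('</textarea>'));
$submitted = html_entity_decode($inner, ENT_QUOTES, 'UTF-8');
saveArticle($pdo, 1, $submitted);
var_dump(loadArticle($pdo, 1) === $original); // compares the stored value with the original
```

Escaping happens only when the value is written into the page, so the database always holds the markup exactly as the editor typed it.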