Hi, a question for php experts
I have a simple form where people can enter details, then later they can retrieve and amend it with a password through the same form. The form contains a few textareas.
Currently to clean the text I use
$entered_text = nl2br($entered_text);
$entered_text = strip_tags($entered_text,"<br>");
This seems to work OK but occasionally it gets confused and loses all the <br> so everything gets turned into one paragraph.
Is this code enough to protect against malicious users when they find the form? Is there a better way to handle things? I think I'm maybe missing the obvious but have searched everwhere for a 'standard' script and can't find one.