Hi, a question for php experts

I have a simple form where people can enter details, then later they can retrieve and amend it with a password through the same form. The form contains a few textareas.

Currently to clean the text I use

$entered_text = nl2br($entered_text);
$entered_text = strip_tags($entered_text,"<br>");

This seems to work OK but occasionally it gets confused and loses all the <br> so everything gets turned into one paragraph.

Is this code enough to protect against malicious users when they find the form? Is there a better way to handle things? I think I'm maybe missing the obvious but have searched everwhere for a 'standard' script and can't find one.