I have searched a lot and am still unable to find any solution to my need.
I have a contenteditable div which collects reviews from my users. The inner HTML is copied to a textarea by jQuery and then the form is posted.
Now at the PHP end I am not sure how to go ahead with this "textarea" posted data.
<span>, <b>, <i>, <u> and <img>
Any help would be appreciated.
The content of the TEXTAREA is simple text. There are a number of ways to protect yourself from SQL Injection and other harmful user entered data.
Use mysql_real_escape_string() to safely enter data into your database. If you are using MySQLi, this would be $mysqli->real_escape_string().
Use htmlentities() to convert special characters to their HTML ASCII equivalents.
http://php.net/manual/en/function.mysql-real-escape-string.php
http://php.net/manual/en/function.htmlentities.php
This will allow you to store whatever the user enters in your DB safely. When you display it on your page, say as a comment, you can then use html_entity_decode() to return the ASCII back into HTML and then use strip_tags() to flush out things like SCRIPT or EMBED or any other HTML tags you do not want users to use on your page (as the comment by @ismael_miguel suggested).
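
An added example, not code from either poster: strip_tags() with an allowed-tags argument keeps whatever attributes those tags carry (onclick, onerror, style), so this sketch filters the posted review HTML with DOMDocument against the tag list from the question and removes attributes as well. The function name, the rule that img keeps only an http/https src, and the sample input are assumptions.

```php
<?php
// Added example. Tag list comes from the question; attribute rules are assumptions.
const ALLOWED_TAGS = ['span', 'b', 'i', 'u', 'img'];
const DROP_WITH_CONTENT = ['script', 'style', 'iframe', 'object', 'embed'];

function sanitize_review_html(string $html): string
{
    $doc = new DOMDocument();
    libxml_use_internal_errors(true);            // tolerate sloppy user markup
    $doc->loadHTML('<?xml encoding="UTF-8"><body>' . $html . '</body>', LIBXML_NONET);
    libxml_clear_errors();
    $body = $doc->getElementsByTagName('body')->item(0);
    if ($body === null) { return ''; }
    // Snapshot the elements, then walk in reverse so descendants come before ancestors.
    $elements = array_reverse(iterator_to_array($body->getElementsByTagName('*')));
    foreach ($elements as $el) {
        $tag = strtolower($el->nodeName);
        if (!in_array($tag, ALLOWED_TAGS, true)) {
            // Unknown tags are unwrapped (text kept); script-like tags go with their content.
            while (!in_array($tag, DROP_WITH_CONTENT, true) && $el->firstChild) {
                $el->parentNode->insertBefore($el->firstChild, $el);
            }
            $el->parentNode->removeChild($el);
            continue;
        }
        $src = $el->getAttribute('src');
        foreach (iterator_to_array($el->attributes) as $attr) {
            $el->removeAttribute($attr->nodeName);   // removes onclick, onerror, style, ...
        }
        if ($tag === 'img') {
            if (preg_match('#^https?://#i', $src)) {
                $el->setAttribute('src', $src);       // only http(s) image URLs survive
            } else {
                $el->parentNode->removeChild($el);
            }
        }
    }
    $out = '';
    foreach ($body->childNodes as $child) {
        $out .= $doc->saveHTML($child);               // text nodes are re-escaped here
    }
    return $out;
}

// Constructed sample input, standing in for the posted textarea value.
$posted = '<b onclick="x()">Great</b> <script>x()</script>'
        . '<img src="https://example.com/a.png" onerror="x()">';
echo sanitize_review_html($posted), "\n";
```

Run the filter on the server on every submission, since the contenteditable div and the jQuery copy step are under the user's control.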