--UPT3ojh+0CqEDtpF
Content-Type: text/plain; charset=us-ascii
Content-Disposition: inline
Content-Transfer-Encoding: quoted-printable

On 2007-05-02 21:00:05 +0900 (Wed, May), anansi wrote:
> arghh thanks for your help, wokrs great :)
> 
> Alex Young wrote:
> >anansi wrote:
> ><snip>
> >>        <%= entry.news %> <br>
> ><snip>
> >>But the problem is that I have now textformatting inside the 
> >>entry.news field. E.g. how can I insert <br> after each line in 
> >>entry.news?
> >
> ><%= entry.news.split("\n").join("<br />") %>
> >
> >or
> >
> ><%= entry.news.gsub("\n", "<br />") %>

Just my 2 cents, but I strongly recommend:

<%= CGI::escapeHTML(entry.news).gsub("\n", "<br />") %>
<%= CGI::escapeHTML(entry.news).split("\n").join("<br />") %>

or

<%= h(entry.news).gsub("\n", "<br />") %>
<%= h(entry.news).split("\n").join("<br />") %>

-- 
No virus found in this outgoing message.
Checked by "grep -i virus $MESSAGE"
Trust me.

--UPT3ojh+0CqEDtpF
Content-Type: application/pgp-signature
Content-Disposition: inline

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.6 (GNU/Linux)

iD8DBQFGOPnxsnU0scoWZKARAnmxAKCyBns2vdDNBvUnPQa+Pp/m/SidfgCgpt/h
dR4Vy9ic8YtYMn4n7A5zo4sn5
-----END PGP SIGNATURE-----

--UPT3ojh+0CqEDtpF--