I have a form which has a textarea input. This text area will have some custom "tags" that I would like to make, similar to the * operator in SO's textarea which gets processed and interpreted as italics or bold depending on how it's used.
The end goal is to process this long string of text, make any formatting modifications needed, then write it to a database table. I'm not really sure how to approach this problem, however.
My first thought was to use $_POST, but I'm unsure it it's a good idea to store very large strings in this array as I cannot find any information as to how much data it is good to store in this array. Is there some best practice for transferring large amounts of data to another page? Should I be using jQuery for this? If so, how?
$_POST will most likely be used, whether or not you do this with jQuery. The default limit of $_POST is already high enough to handle most user input, short of file uploads. If you need it to be greater than 8MB, you can change that on the webserver in your php.ini file. I've had a similar application, and in testing I had no problem pasting >64MB into my textarea.
I would also consider changing the order of operations a little bit. I'd do one or the other of the following:
1) Rather than format your text prior to db insertion, format it on the way back out to the browser. That way, if you change the way your input gets formatted, you have the original data to apply it to. It's a little more work for the server when displaying the data, but it's likely you'll have a much easier time maintaining your application down the line.
2) Store both the formatted text and the raw text in the database. This has the benefit of speed by not having to format it on its way to the user every time it's called, and also allows you the ability to build a means of changing the format of the data later, at some coding expense.
EDIT: As pal4life stated in a comment, you want to avoid executing any of the user input. Essentially, if your method is to save the input to a file, and then recall it with an include() or require(), you open yourself up to some severe security vulnerabilities. An attacker could upload code like <?php var_dump($conn); or much worse. I believe you may safely readfile(), however the browser is still vulnerable to any potential javascript that may have been placed there by an attacker.