Two things, and I'm not being critical, but rather trying to be helpful.
1) From a security perspective, never, never
trust user input. In this case you need to be sure to escape the mysql input or you'll end up with a fatal SQL injection vulnerability. Use the function mysql_real_escape_string();
2) \r\n are injected from multi-line text-area, because you're writing it out in another page you need to convert \r\n to a HTML <br> tag or use the <pre> HTML entity to have it properly treat \r\n.
What I think you should do:
Understand I'm not being critical one bit but with respect to #1 I can't pound that into your head enough
I'm always glad to help in any way I can, welcome to NVNews.