---------- Forwarded message ---------- From: GH <garyhotko@xxxxxxxxx> Date: Tue, 16 Nov 2004 08:45:08 -0500 Subject: Re: Automatically Escape? To: Jordi Canals <jcanals@xxxxxxxxx> What is the Diffrencce between mysql_escape_string and mysql_real_escape_string? On Tue, 16 Nov 2004 14:34:43 +0100, Jordi Canals <jcanals@xxxxxxxxx> wrote: > On Tue, 16 Nov 2004 12:33:15 +0000, Richard Davey <rich@xxxxxxxxxxxxxxxx> wrote: > > > G> Is there a function that can automatically escape special characters > > G> before putting them into mySQL? > > > > See magic_quotes to have it done for you. Although this isn't a > > recommend approach if you plan to distribute your application, in > > which case mysql_escape_string() is the one. > > Just a comment : > > Note: This function (mysql_escape_string) has been deprecated since > PHP 4.3.0. Do not use this function. Use mysql_real_escape_string() > instead. > > So, if you're coding new scripts is better to use mysql_real_escape_string(). > > Best regards, > Jordi. > > > > -- > PHP General Mailing List (http://www.php.net/) > To unsubscribe, visit: http://www.php.net/unsub.php > > -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
