Re: Automatically Escape?

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 



GH wrote:
---------- Forwarded message ----------
From: GH <garyhotko@xxxxxxxxx>
Date: Tue, 16 Nov 2004 08:45:08 -0500
Subject: Re:  Automatically Escape?
To: Jordi Canals <jcanals@xxxxxxxxx>


What is the Diffrencce between mysql_escape_string and mysql_real_escape_string?

the *_real_* one takes into account charset of the current connection, as mentioned in the manual






On Tue, 16 Nov 2004 14:34:43 +0100, Jordi Canals <jcanals@xxxxxxxxx> wrote:

On Tue, 16 Nov 2004 12:33:15 +0000, Richard Davey <rich@xxxxxxxxxxxxxxxx> wrote:


G> Is there a function that can automatically escape special characters
G> before putting them into mySQL?

See magic_quotes to have it done for you. Although this isn't a
recommend approach if you plan to distribute your application, in
which case mysql_escape_string() is the one.

Just a comment :

Note:  This function (mysql_escape_string) has been deprecated since
PHP 4.3.0. Do not use this function. Use mysql_real_escape_string()
instead.

So, if you're coding new scripts is better to use mysql_real_escape_string().

Best regards,
Jordi.


-- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php


[Index of Archives]     [PHP Home]     [Apache Users]     [PHP on Windows]     [Kernel Newbies]     [PHP Install]     [PHP Classes]     [Pear]     [Postgresql]     [Postgresql PHP]     [PHP on Windows]     [PHP Database Programming]     [PHP SOAP]

  Powered by Linux