Re: prevent user from getting scripts outside the web folder [this better?]

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 

On 14 Oct 2005, at 04:48, David Robley wrote:
That is incorrect. mysql_real_escape_string is a php function, not mysql.
Mostly true: mysql_real_escape_string is a php function, but it's provided by the mysql extension as part of the mysql client libraries (which explains the name). It doesn't do anything significantly different to addslashes(), which is purely a PHP internal function. If you are writing database independent code, you should probably prefer addslashes (or things like adodb::qstr). 

Marcus
--
Marcus Bointon
Synchromedia Limited: Putting you in the picture
marcus@xxxxxxxxxxxxxxxxxx | http://www.synchromedia.co.uk

--
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php
[Index of Archives]     [PHP Home]     [Apache Users]     [PHP on Windows]     [Kernel Newbies]     [PHP Install]     [PHP Classes]     [Pear]     [Postgresql]     [Postgresql PHP]     [PHP on Windows]     [PHP Database Programming]     [PHP SOAP]

  Powered by Linux