On 5/24/06, phplist@xxxxxxx <phplist@xxxxxxx> wrote:
Hi, Is a serialized array a "safe" string to insert into a mysql text field? Or is a function such as mysql_real_escape_string always needed?
*Always* escape your data. What if your array contains a quote? -- Postgresql & php tutorials http://www.designmagick.com/ -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
