It's not safe... if the array contains strings which contain ' or " might screw your query... it's safe to escape the string result from serialize...
Andy phplist@xxxxxxx wrote:
Hi, Is a serialized array a "safe" string to insert into a mysql text field? Or is a function such as mysql_real_escape_string always needed? regards Simon.
-- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
