On 24/05/06, phplist@xxxxxxx <phplist@xxxxxxx> wrote:
Hi, Is a serialized array a "safe" string to insert into a mysql text field? Or is a function such as mysql_real_escape_string always needed?
No, it's not at all a safe string to insert into a mysql text field. mysql_real_escap_string() is needed. -robin -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
