Eric Butera schrieb:
You almost have it. What you need to do is if magic quotes is on,
then stripslashes and apply mysql_real_escape_string. If magic quotes
is off only apply mysql_real_escape_string since php didn't escape
values for you.
Also in your mysql_real_escape_string I would suggest adding the
second parameter to your connection.
Isn't that what I have? Quote:
So I modified a little:
public function smartQuote( $string )
{
if( get_magic_quotes_gpc() == 1 ) {
return mysql_real_escape_string(stripslashes($string));
}
else {
return mysql_real_escape_string($string);
}
}
if the MQ runtime is on / 1 stripslashes from string then apply
mysql_real_escape_string?
[ So the documentation is wrong?
http://ca.php.net/manual/en/function.mysql-real-escape-string.php -
Example 3. A "Best Practice" query ]
I will add the MySQL link identifier - cheers!
Thanks again for the help.
Regards,
Johannes
--
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php
