On Mon, April 23, 2007 9:48 am, WeberSites LTD wrote: > I'm trying to understand from the examples why anyone > that has get_magic_quotes_gpc() returning true would > need to use stripslashes() and then mysql_real_escape_string(). > > wouldn't that just add slashes to the same places? If you were 100% sure that everybody on the planet spoke only English, and only used the ASCII codeset, sure, it's the same thing... Oh, wait. Earth has more than one language, doesn't it? :-) mysql_real_escape_string() takes into account the charset[s] being used. addslashes assumes ASCII charset. Don't do that. YOU may not be expecting the Spanish Inquisition, but somebody will be trying to send it to you. -- Some people have a "gift" link here. Know what I want? I want you to buy a CD from some indie artist. http://cdbaby.com/browse/from/lynch Yeah, I get a buck. So? -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
