Dotan Cohen wrote:
So, actually taking a minute to read up on addcslashes(), it is a rather handy
little function.
Taking the list of characters that mysql_real_escape_string() says it escapes:
http://us3.php.net/mysql_real_escape_string
Which it lists: \x00, \n, \r, \, ', " and \x1a
\0 = \x0
\10 = \n
\13 = \r
\92 = \
\44 = '
\34 = "
\26 = \x1a
You could do something like this.
function cleaner($input) {
return addcslashes($input, "\0\10\13\92\44\34\26");
}
Maybe this will help...
Jim
So far as I understand mysql_real_escape_string() was invented because
addslashes() is not adequate.
If you look a little closer, you will see that I am not using addslashes(). Rather, I am using
addcslashes(). This allows to specify the characters that I want escaped, instead of the default
assumed characters from addslashes().
--
Jim Lucas
"Some men are born to greatness, some achieve greatness,
and some have greatness thrust upon them."
Twelfth Night, Act II, Scene V
by William Shakespeare
--
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php
