On Fri, Jan 15, 2010 at 3:22 PM, Richard Lynch <ceo@xxxxxxxxx> wrote:
> The subject line says it all:
>
> mysql_real_escape_string(0xffffffff) yields -1
>
> What's up with that?
>
> Is there some way to convince mysql_real_escape_string to use BIGINT?
>
> I guess I'll just PCRE for digits and then pass it in and...
>
> But what if somebody passes in some BC Math number?...
>
Try passing it as a string literal, NOT a hexadecimal numeric literal.
mysql_real_escape_string('0xffffffff');
In case you haven't noticed, SQL statements are stored in strings.
--
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php
