Is it safe to use mysql_real_escape_string considering SQL injection attacks. Thanks for the fast reply. -- Regards, Abhishek Jain --- Stephan Schulze <nahpeps@xxxxxx> wrote: > use mysql_real_escape_string to masquerade the > asterisk. > > $var = mysql_real_escape_string($var); > > With best regards... > > abhishek jain schrieb: > > Dear Friends, > > Pl. help me .Actually i have a line like: > > $var = "Abhishek Jain's test message." > > > > when i insert this $var into the mysql i got error > > because of this ' sign. > > Pl. help me i do not want to remove this ' from > mine > > variable. > > Mie mysql version is 4.1.12 > > When I run the same code on mine local PC with > version > > perhaps 4.0.21 i do not get any error. > > Pl. help me. > > -- > > Regards > > Abhishek Jain > > > > __________________________________________________ > > Do You Yahoo!? > > Tired of spam? Yahoo! Mail has the best spam > protection around > > http://mail.yahoo.com > > > > > > PHP Data object relational mapping generator > > http://www.metastorage.net/ > > Yahoo! Groups Links > > > > > > > > > > > > > > > __________________________________________________ Do You Yahoo!? Tired of spam? Yahoo! Mail has the best spam protection around http://mail.yahoo.com PHP Data object relational mapping generator http://www.metastorage.net/ Yahoo! Groups Links <*> To visit your group on the web, go to: http://groups.yahoo.com/group/php-objects/ <*> To unsubscribe from this group, send an email to: php-objects-unsubscribe@xxxxxxxxxxxxxxx <*> Your use of Yahoo! Groups is subject to: http://docs.yahoo.com/info/terms/
