I would say it is safe... With best regards... abhishek jain schrieb: > Is it safe to use mysql_real_escape_string considering > SQL injection attacks. > Thanks for the fast reply. > -- > Regards, > Abhishek Jain > > --- Stephan Schulze <nahpeps@xxxxxx> wrote: > >> use mysql_real_escape_string to masquerade the >> asterisk. >> >> $var = mysql_real_escape_string($var); >> >> With best regards... >> >> abhishek jain schrieb: >>> Dear Friends, >>> Pl. help me .Actually i have a line like: >>> $var = "Abhishek Jain's test message." >>> >>> when i insert this $var into the mysql i got error >>> because of this ' sign. >>> Pl. help me i do not want to remove this ' from >> mine >>> variable. >>> Mie mysql version is 4.1.12 >>> When I run the same code on mine local PC with >> version >>> perhaps 4.0.21 i do not get any error. >>> Pl. help me. >>> -- >>> Regards >>> Abhishek Jain >>> >>> __________________________________________________ >>> Do You Yahoo!? >>> Tired of spam? Yahoo! Mail has the best spam >> protection around >>> http://mail.yahoo.com >>> >>> >>> PHP Data object relational mapping generator >>> http://www.metastorage.net/ >>> Yahoo! Groups Links >>> >>> >>> >>> >>> >>> >>> > > > __________________________________________________ > Do You Yahoo!? > Tired of spam? Yahoo! Mail has the best spam protection around > http://mail.yahoo.com > > > PHP Data object relational mapping generator > http://www.metastorage.net/ > Yahoo! Groups Links > > > > > > PHP Data object relational mapping generator http://www.metastorage.net/ Yahoo! Groups Links <*> To visit your group on the web, go to: http://groups.yahoo.com/group/php-objects/ <*> To unsubscribe from this group, send an email to: php-objects-unsubscribe@xxxxxxxxxxxxxxx <*> Your use of Yahoo! Groups is subject to: http://docs.yahoo.com/info/terms/
