Thus wrote justin:
> Thanks Ramil,
>
> I knew it had something to do with the \, but I still can't figure out
> how to get the variable into the database without the extra '\'
> It is entered into the database via a form using the input below:
>
> <input name="ident" type="hidden" value="<?php echo
> $_SERVER[AUTH_USER];?>">
>
> Where would I use the mysql_real_escape_string ?
>From the manual:
"This function will escape special characters in the unescaped_string,
taking into account the current character set of the connection so
that it is safe to place it in a mysql_query(). "
an example from the manual:
$query = sprintf("SELECT * FROM users WHERE user='%s' AND password='%s'",
mysql_real_escape_string($user),
mysql_real_escape_string($password));
mysql_query($query);
I hope this is enough :)
----
ramil
http://ramil.sagum.net
--
PHP Database Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php
