So what's the difference with that and addslashes() ?
Karl
Sent from losPhone
On Dec 15, 2009, at 3:50 PM, Chris <dmagick@xxxxxxxxx> wrote:
Karl DeSaulniers wrote:
What does this do exactly?
Documentation was a bit fuzzy for me.
Is it needed at all times to protect with?
Per the docs:
prepends backslashes to the following characters: \x00, \n, \r, \,
', " and \x1a.
So anything that has a null character, a newline (windows/linux/
mac), single and double quotes and \x1a (not sure what that is) is
escaped and ready to be put in a query.
If you don't quote those characters someone could put one of those
characters in a query and cause problems - starting off with an
invalid query but possibly ending up worse.
--
Postgresql & php tutorials
http://www.designmagick.com/
--
PHP Database Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php
--
PHP Database Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php