On Tue, Aug 21, 2007 at 04:26:21PM +0100, Stut wrote: > As far as I was aware addslashes is inadequate for this purpose. Should > this not point people to use database-specific escaping functions rather > than addslashes?
Yes, even better use placeholders (if the DB API supports it). -- Alain Williams Linux Consultant - Mail systems, Web sites, Networking, Programmer, IT Lecturer. +44 (0) 787 668 0256 http://www.phcomp.co.uk/ Parliament Hill Computers Ltd. Registration Information: http://www.phcomp.co.uk/contact.php Chairman of UKUUG: http://www.ukuug.org/ #include <std_disclaimer.h> -- PHP Internals - PHP Runtime Development Mailing List To unsubscribe, visit: http://www.php.net/unsub.php
