* Thus wrote Scott Fletcher: > > > I would argue that something like mysql_escape_string() is better than > > > addslashes(), so I agree with you for the most part anyway. :-) It all > > > depends on what database is being used and how. > > Starting a new topic since the related-topic lists got too long. So, run > that again about what you meant by that and why??? Also, noticed that > mysql_esacpe_string() is an alias of mysql_real_escape_string, is that > right???
Using the mysql_*_string functions lets the database client decide on what to escape. mysql_escape_string() has been deprecated for use, in place using mysql_real_escape_string(). the latter takes in to consideration the charset of the connection. So no, its not an alias. Curt -- First, let me assure you that this is not one of those shady pyramid schemes you've been hearing about. No, sir. Our model is the trapezoid! -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
