In that case, I'll have to stick to addslashes() instead of mysql_real_escape_string() because I'm escaping some of the PHP's post string in the MySQL's syntax and not yet using the mysql's connection until some decision making script play a role in it. Blah!!
Thanks, Scott F. "Curt Zirzow" <[EMAIL PROTECTED]> wrote in message news:[EMAIL PROTECTED] > * Thus wrote Scott Fletcher: > > > > I would argue that something like mysql_escape_string() is better than > > > > addslashes(), so I agree with you for the most part anyway. :-) It all > > > > depends on what database is being used and how. > > > > Starting a new topic since the related-topic lists got too long. So, run > > that again about what you meant by that and why??? Also, noticed that > > mysql_esacpe_string() is an alias of mysql_real_escape_string, is that > > right??? > > Using the mysql_*_string functions lets the database client decide > on what to escape. > > mysql_escape_string() has been deprecated for use, in place using > mysql_real_escape_string(). the latter takes in to consideration > the charset of the connection. So no, its not an alias. > > > Curt > -- > First, let me assure you that this is not one of those shady pyramid schemes > you've been hearing about. No, sir. Our model is the trapezoid! -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
