> Your only option might be to do something "smart". You can't use the
> proper mysql functions without a connection to a database, but you
> refuse to connect to a database until after you perform validation...
>
> You do realise you can have several db connections open at one time, so
> you could have one always open for the purpose of validation?
> Potentially wasteful, but the architecture in this idea is a little
> different from the norm.
I also thought mysql_real_escape_string was dead since every DAL such PDO or
others uses bindings to properly escape variables and a database related
sanitize without database is quite useless, imho.
Regards
_________________________________________________________________
Windows Live: Friends get your Flickr, Yelp, and Digg updates when they e-mail
you.
http://www.microsoft.com/middleeast/windows/windowslive/see-it-in-action/social-network-basics.aspx?ocid=PID23461::T:WLMTAGL:ON:WL:en-xm:SI_SB_3:092010
