At 9:52 AM -0400 9/29/06, Eric Butera wrote:
Tedd,
Not to make a big deal out of this but are you aware of the
differences on filtering input and escaping output?
mysql_real_escape_string is for escaping something for the database.
It doesn't filter or clean anything. Just like htmlentities esc
On 9/29/06, Ivo F.A.C. Fokkema <[EMAIL PROTECTED]> wrote:
On Thu, 28 Sep 2006 11:33:06 -0400, Eric Butera wrote:
He's not actually *putting* it in a database, so isn't it useless to use a
mysql_ function for this...? Maybe I misunderstand Tedd and he does use a
database, as I don't see why he wou
On Thu, 28 Sep 2006 11:33:06 -0400, Eric Butera wrote:
> On 9/28/06, Ivo F.A.C. Fokkema <[EMAIL PROTECTED]> wrote:
>>
>> Hi Tedd,
>>
>> According to
>> http://nl3.php.net/mysql_real_escape_string
>>
>> The function requires a MySQL connection. If there is none, it
>> will try and create one. That
On 9/28/06, Ivo F.A.C. Fokkema <[EMAIL PROTECTED]> wrote:
Hi Tedd,
According to
http://nl3.php.net/mysql_real_escape_string
The function requires a MySQL connection. If there is none, it
will try and create one. That fails now. Possibly you could use addslashes()?
Regards,
Ivo
--
PHP Genera
4 matches
Mail list logo
