function send_msg($sender , $message){ if(!empty($sender) && !empty($message)){ $sender = mysql_real_escape_string($sender); $message= mysql_real_escape_string($message); $query = "INSERT INTO `chat`.`chat` VALUES (null , '{$sender}' , '$message')"; // Difficulty on THIS LINE !!!! if($run = mysql_query($query)){ return true; }else{ return false; } }
why is '{$sender}' given the curley brakets ????? and why is message not given the same brackets ? also why is this function used ? i.e. mysql_real_escape_string , i know what it does , but is it to prevent SQL injection.
