rubing Posted June 13, 2008 Share Posted June 13, 2008 Do the % and _ wildcard used in mysql LIKE queries need to be escaped?? does addcslashes do this by default? thanks! Quote Link to comment https://forums.phpfreaks.com/topic/110086-escaping-and-_/ Share on other sites More sharing options...
rhodesa Posted June 13, 2008 Share Posted June 13, 2008 they don't need to be escaped unless you don't want them to be wildcards...to escape mysql data use: http://www.php.net/mysql_real_escape_string Quote Link to comment https://forums.phpfreaks.com/topic/110086-escaping-and-_/#findComment-564951 Share on other sites More sharing options...
rubing Posted June 13, 2008 Author Share Posted June 13, 2008 yeah, but addslashes() is faster. http://cognifty.com/index.php/blog.entry/id=6/addslashes_dont_call_it_a_comeback.html Quote Link to comment https://forums.phpfreaks.com/topic/110086-escaping-and-_/#findComment-564972 Share on other sites More sharing options...
rhodesa Posted June 13, 2008 Share Posted June 13, 2008 and how often do you "escape 7 strings 5000 times"? the latency of the HTTP connection to load the page is a bigger time difference... fact of the matter is mysql_real_escape_string PROPERLY escapes mysql strings as that is it's purpose. if you want to use something similar to save a couple hundredths of a second, by all means go for it Quote Link to comment https://forums.phpfreaks.com/topic/110086-escaping-and-_/#findComment-564974 Share on other sites More sharing options...
Recommended Posts
Join the conversation
You can post now and register later. If you have an account, sign in now to post with your account.