serverman Posted June 19, 2008 Share Posted June 19, 2008 how do i add the mysql real escape string to this <?php //this is just a snippet // Check for a description if (strlen($trimmed['desc']) > 1) { $d = $db->sql_escape($trimmed['desc']); } else { $d = FALSE; $err .= '<div class="err">The description is invalid!</div>'; } // Check for tutorial content if (strlen($trimmed['tut']) > 1) { $con = $db->sql_escape($trimmed['tut']); } else { $con = FALSE; $err .= '<div class="err">The tutorial content is invalid!</div>'; } if ($t && $cat && $d && $con) { $db->sql_query("insert into tut (title,cat_id,description,usr_id,content,time) values('$t','$cat','$d','$uid','$con',now())"); } } ?> Quote Link to comment Share on other sites More sharing options...
trq Posted June 19, 2008 Share Posted June 19, 2008 I would say you would be best to add it within the already existing sql_escape() method. Quote Link to comment Share on other sites More sharing options...
Recommended Posts
Join the conversation
You can post now and register later. If you have an account, sign in now to post with your account.