Posted 02 August 2006 - 08:16 PM
Quick question, does the mysql_real_escape_string function have the ability to be used for other databases and such? Or perhaps not even a database at all, or is it a MySQL only function?
If not, then I guess I'll be using addslashes, which is an older less recommended function, is it not?
Posted 02 August 2006 - 08:33 PM
The string that is to be escaped.
The MySQL connection. If the link identifier is not specified, the last link opened by mysql_connect() is assumed. If no such link is found, it will try to create one as if mysql_connect() was called with no arguments. If by chance no connection is found or established, an E_WARNING level warning is generated.
In other words, it's going to look for a MySQL connection.
- Check the manual to see if another database has a similar function; or
- Recreate the function to be used for that (or any) database, based on the information that the manual provides:
mysql_real_escape_string() calls MySQL's library function mysql_real_escape_string, which prepends backslashes to the following characters: \x00, \n, \r, \, ', " and \x1a.
Posted 02 August 2006 - 09:17 PM
preg_match. Just filter your input to see if any of the troublesome keys are present.
0 user(s) are reading this topic
0 members, 0 guests, 0 anonymous users