Jump to content

Archived

This topic is now archived and is closed to further replies.

SharkBait

Which one? str_replace() mysql_real_escape_string()

Recommended Posts

What is the difference between:

[code=php:0]
str_replace("'", "\'", $mystring);
[/code]
and
[code=php:0]
mysql_real_escape_string($mystring);
[/code]

??

Share this post


Link to post
Share on other sites
mysql_real_escape_sting escapes other characters, such as whitespace, quotes, hex, slashes (\x00, \n, \r, \, ', " and \x1a)

Where as your code just escapes single quotes.

Share this post


Link to post
Share on other sites

×

Important Information

We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.