DarrenReeder Posted May 18, 2010 Share Posted May 18, 2010 $title=mysql_real_escape_string($_POST['title']); $content=mysql_real_escape_string($_POST['content']); $date=date('Y-m-d'); $query=mysql_query("INSERT INTO latestUpdates SET ID='', title='$title', content='$content', date='$date'"); have i used it right? Quote Link to comment https://forums.phpfreaks.com/topic/202202-mysql-real-escape-string-used-rightly/ Share on other sites More sharing options...
Moargan Posted May 18, 2010 Share Posted May 18, 2010 Yes, that is the correct way to use mysql_real_escape_string(). Quote Link to comment https://forums.phpfreaks.com/topic/202202-mysql-real-escape-string-used-rightly/#findComment-1060295 Share on other sites More sharing options...
Recommended Posts
Join the conversation
You can post now and register later. If you have an account, sign in now to post with your account.