centenial, posted April 21, 2007:

Hi,

Does anyone know of a good function that makes an SQL query "safe" to put inside the mysql_query() function? I tried the mysql_real_escape_string() function, but that saves a backslash in front of every quote I have in the database. Which is annoying.

Anyone have some advice?

Lumio, posted April 21, 2007:

<?php
// Escape the value, then close the quoted SQL string literal after it.
mysql_query("SELECT * FROM `table` WHERE `column` = '" . mysql_real_escape_string("foo='bar'") . "';");
?>

taith, posted April 21, 2007:

this one is by far the best... there's nothing to mess around with...

$safe=htmlentities($string, ENT_QUOTES);

when you pull info out just translate it back :-)
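
Added example, not part of any post in this thread: binding values as parameters of a prepared statement (PDO) keeps quotes out of the SQL text and stores the value exactly as submitted, with HTML encoding applied only when the value is printed into a page. Assumptions: the `comments` table and `body` column are hypothetical, and an in-memory SQLite database stands in for MySQL so the script runs offline.

```php
<?php
// Added example. Table and column names are hypothetical. Uses PDO with an
// in-memory SQLite database (requires the pdo_sqlite extension); against
// MySQL only the DSN passed to the PDO constructor changes.
$pdo = new PDO('sqlite::memory:');
$pdo->setAttribute(PDO::ATTR_ERRMODE, PDO::ERRMODE_EXCEPTION);
$pdo->exec('CREATE TABLE comments (id INTEGER PRIMARY KEY, body TEXT)');

// Constructed sample input: the quoted string from the thread.
$input = "foo='bar'";

// Write path: the SQL text is fixed; the value travels separately as a
// bound parameter, so its quotes are never parsed as SQL.
$insert = $pdo->prepare('INSERT INTO comments (body) VALUES (:body)');
$insert->execute([':body' => $input]);

// Read path: the same rule applies to values used in WHERE clauses.
$select = $pdo->prepare('SELECT body FROM comments WHERE body = :body');
$select->execute([':body' => $input]);
$stored = $select->fetchColumn();
$select->closeCursor();

// Compare what the database returned with what was submitted, to see
// whether any escaping characters ended up in the stored data.
var_dump($stored === $input);

// Constructed second input made only of quotes and SQL keywords. Bound as a
// parameter it is compared as a literal string against the body column.
$select->execute([':body' => "' OR '1'='1"]);
var_dump($select->fetchColumn());
$select->closeCursor();

// HTML encoding is a separate concern from SQL safety: apply it when the
// value is written into an HTML page, not before it is stored.
echo htmlspecialchars($stored, ENT_QUOTES, 'UTF-8'), PHP_EOL;
```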