I agree. Personally, I would go with the prepared statements available with mysqli than the string escaping available with mysql.
Chris On Nov 29, 2010, at 8:23 AM, Randall Whitman <[email protected]> wrote: > Allow me to also highlight: > http://www.php.net/manual/en/function.mysql-real-escape-string.php > and/or > http://php.net/manual/en/mysqli.prepare.php > _______________________________________________ > LinuxUsers mailing list > [email protected] > http://socallinux.org/cgi-bin/mailman/listinfo/linuxusers _______________________________________________ LinuxUsers mailing list [email protected] http://socallinux.org/cgi-bin/mailman/listinfo/linuxusers
