David and Jasper - thank you both! I will play around with this more now that you have explained my biggest questions!
Thanks guys, Clint :-) On 9/9/05, Jasper Bryant-Greene <[EMAIL PROTECTED]> wrote: > > clint lenard wrote: > > Thanks Jasper for the info! This may sound stupid - but I just want to > > be sure... do I need to strip the slashes and special characters out and > > add them when they're called... or......? I'm just trying to get a clear > > picture of exactly what needs to be done with this particular job... > > If you're using PHP, you need to run mysql_real_escape_string() on any > string data that is going into MySQL. This will handle escaping and > special characters for you, and there is no need to "unescape" it when > retrieving it from the DB. > > See http://www.php.net/mysql_real_escape_string > > HTH > -- > Jasper Bryant-Greene > Freelance web developer > http://jasper.bryant-greene.name/ > > If you find my advice useful, please consider donating to a poor > student! You can choose whatever amount you think my advice was > worth to you. http://tinyurl.com/7oa5s > > -- > MySQL General Mailing List > For list archives: http://lists.mysql.com/mysql > To unsubscribe: http://lists.mysql.com/[EMAIL PROTECTED] > >
