clint lenard wrote:
Thanks Jasper for the info! This may sound stupid - but I just want to be sure... do I need to strip the slashes and special characters out and add them when they're called... or......? I'm just trying to get a clear picture of exactly what needs to be done with this particular job...
If you're using PHP, you need to run mysql_real_escape_string() on any string data that is going into MySQL. This will handle escaping and special characters for you, and there is no need to "unescape" it when retrieving it from the DB.
See http://www.php.net/mysql_real_escape_string HTH -- Jasper Bryant-Greene Freelance web developer http://jasper.bryant-greene.name/ If you find my advice useful, please consider donating to a poor student! You can choose whatever amount you think my advice was worth to you. http://tinyurl.com/7oa5s -- MySQL General Mailing List For list archives: http://lists.mysql.com/mysql To unsubscribe: http://lists.mysql.com/[EMAIL PROTECTED]