On 23/01/2008, Eric Butera <[EMAIL PROTECTED]> wrote:
> There isn't a reason to go and report a bug as their stuff works fine.

I would have filed a wish, not a bug. They are both filed in the
bugzillas that I'm familiar with. In any case, I'm not filing as I've
no account there and I'll not be filing many bugs for that software.
If someone else wants to file a wish, be my guest.

> If you know you have utf8 and all that jazz then fine.  The only
> reason you should use mysql escaping is right before you put a value
> into the database.  To put a value in the database you must have a
> connection.  So this really is a non-issue in my opinion.

No, I sanitize the values, and only then I decide if the value (now
sanitized and safe to work with) should go to the database. And only
if it's going to the database do I open a connection.

> Look at mysqli or pdo and start working with prepared statements. :)

Thanks, I will take a look at those!

Dotan Cohen

http://what-is-what.com
http://gibberish.co.il
א-ב-ג-ד-ה-ו-ז-ח-ט-י-ך-כ-ל-ם-מ-ן-נ-ס-ע-ף-פ-ץ-צ-ק-ר-ש-ת

A: Because it messes up the order in which people normally read text.
Q: Why is top-posting such a bad thing?
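
The workflow discussed in this message (validate first, connect only when the value is actually going to be stored) combined with the prepared-statement suggestion, as an added example that is not code from the thread. It assumes PDO with the SQLite driver as an offline stand-in for MySQL; the `users` table and the function names are hypothetical.

```php
<?php
// Added example, not code from the thread. Table and function names are hypothetical.
// An in-memory SQLite database stands in for MySQL so the script runs offline;
// with MySQL only the DSN (plus credentials) passed to PDO changes.

/** Validate without touching the database; returns the clean value or null. */
function validate_username(string $raw): ?string
{
    $name = trim($raw);
    // Allow-list check: letters, digits, apostrophe and space, 1 to 32 characters.
    return preg_match("/^[\\p{L}\\p{N}' ]{1,32}$/u", $name) === 1 ? $name : null;
}

/** Open the connection only on first use. */
function db(): PDO
{
    static $pdo = null;
    if ($pdo === null) {
        $pdo = new PDO('sqlite::memory:');
        $pdo->setAttribute(PDO::ATTR_ERRMODE, PDO::ERRMODE_EXCEPTION);
        $pdo->exec('CREATE TABLE users (name TEXT NOT NULL)');
    }
    return $pdo;
}

/** Store a value only if it passes validation; returns whether it was stored. */
function store_username(string $raw): bool
{
    $name = validate_username($raw);
    if ($name === null) {
        return false; // rejected before any connection was opened
    }
    // The placeholder keeps the value out of the SQL text, so no escaping
    // function (and no connection at validation time) is needed.
    $stmt = db()->prepare('INSERT INTO users (name) VALUES (:name)');
    $stmt->execute([':name' => $name]);
    return true;
}

// Constructed sample inputs: one legitimate name containing a quote, one hostile string.
var_dump(store_username("O'Brien"));
var_dump(store_username("x'); DROP TABLE users; --"));
var_dump(db()->query('SELECT name FROM users')->fetchAll(PDO::FETCH_COLUMN));
```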
