There is an error in function reference. Sentence is: mysql_real_escape_string() calls MySQL's library function mysql_escape_string, which prepends backslashes to the following characters: NULL, \x00, \n, \r, \, ', " and \x1a.
http://www.php.net/mysql_real_escape_string But MySQL manual for mysql_real_escape_string API function (which is the one PHP's function calls, not deprecated mysql_escape_string, as stated in manual) says: Characters encoded are NUL (ASCII 0), '\n', '\r', '\', ''', '"', and Control-Z. http://dev.mysql.com/doc/mysql/en/mysql-real-escape-string.html Note that NULL within strings is NOT encoded in any way. And again - PHP interpreter calls mysql_real_esacpe_string, NOT mysql_escape_string. -- Kaspars http://laacz.lv/
