[PHP] Automatically Escape?
Is there a function that can automatically escape special characters before putting them into mySQL? -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] Automatically Escape?
Hello GH, Tuesday, November 16, 2004, 12:25:20 PM, you wrote: G Is there a function that can automatically escape special characters G before putting them into mySQL? See magic_quotes to have it done for you. Although this isn't a recommend approach if you plan to distribute your application, in which case mysql_escape_string() is the one. Best regards, Richard Davey -- http://www.launchcode.co.uk - PHP Development Services I am not young enough to know everything. - Oscar Wilde -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] Automatically Escape?
On Tue, 16 Nov 2004 12:33:15 +, Richard Davey [EMAIL PROTECTED] wrote: G Is there a function that can automatically escape special characters G before putting them into mySQL? See magic_quotes to have it done for you. Although this isn't a recommend approach if you plan to distribute your application, in which case mysql_escape_string() is the one. Just a comment : Note: This function (mysql_escape_string) has been deprecated since PHP 4.3.0. Do not use this function. Use mysql_real_escape_string() instead. So, if you're coding new scripts is better to use mysql_real_escape_string(). Best regards, Jordi. -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
[PHP] Automatically Escape?
-- Forwarded message -- From: GH [EMAIL PROTECTED] Date: Tue, 16 Nov 2004 08:45:08 -0500 Subject: Re: [PHP] Automatically Escape? To: Jordi Canals [EMAIL PROTECTED] What is the Diffrencce between mysql_escape_string and mysql_real_escape_string? On Tue, 16 Nov 2004 14:34:43 +0100, Jordi Canals [EMAIL PROTECTED] wrote: On Tue, 16 Nov 2004 12:33:15 +, Richard Davey [EMAIL PROTECTED] wrote: G Is there a function that can automatically escape special characters G before putting them into mySQL? See magic_quotes to have it done for you. Although this isn't a recommend approach if you plan to distribute your application, in which case mysql_escape_string() is the one. Just a comment : Note: This function (mysql_escape_string) has been deprecated since PHP 4.3.0. Do not use this function. Use mysql_real_escape_string() instead. So, if you're coding new scripts is better to use mysql_real_escape_string(). Best regards, Jordi. -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] Automatically Escape?
Hello GH, Tuesday, November 16, 2004, 1:45:28 PM, you wrote: G What is the Diffrencce between mysql_escape_string and mysql_real_escape_string? One of them is depreciated, meaning it could drop from the PHP list of functions at any point and shouldn't be relied on (my fault, sorry! use the other version recommended). Best regards, Richard Davey -- http://www.launchcode.co.uk - PHP Development Services I am not young enough to know everything. - Oscar Wilde -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] Automatically Escape?
GH wrote: -- Forwarded message -- From: GH [EMAIL PROTECTED] Date: Tue, 16 Nov 2004 08:45:08 -0500 Subject: Re: [PHP] Automatically Escape? To: Jordi Canals [EMAIL PROTECTED] What is the Diffrencce between mysql_escape_string and mysql_real_escape_string? the *_real_* one takes into account charset of the current connection, as mentioned in the manual On Tue, 16 Nov 2004 14:34:43 +0100, Jordi Canals [EMAIL PROTECTED] wrote: On Tue, 16 Nov 2004 12:33:15 +, Richard Davey [EMAIL PROTECTED] wrote: G Is there a function that can automatically escape special characters G before putting them into mySQL? See magic_quotes to have it done for you. Although this isn't a recommend approach if you plan to distribute your application, in which case mysql_escape_string() is the one. Just a comment : Note: This function (mysql_escape_string) has been deprecated since PHP 4.3.0. Do not use this function. Use mysql_real_escape_string() instead. So, if you're coding new scripts is better to use mysql_real_escape_string(). Best regards, Jordi. -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
