Jay Blanchard wrote:
[snip]
You should probably use mysql_escape_string or mysql_real_escape_string
instead of addslashes and stripslashes. IMHO addslashes and stripslashes
are pretty much useless.
[/snip]
That is an interesting take, why so?
Because it can easily cause more problems than it fixes. Actually, it's
also a part of my dislike for the magic_quotes system...
At the very least, mysql_(real_)escape_string should be always used for
mysql code instead of addslashes as it *will* do the right thing.
--
paperCrane Justin Patrin
--
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php
