Tracy R Reed wrote:
Anyway, I agree with those who say that escaping isn't the right way to
go.
For PHP and MySQL, it's not the wrong way to go. True, you need to
throttle your SQL thru the MySqlEscape function, but really, if you're
manually concatenating things together to make SQL, you should be making
a library or something.
This is really as much a DB question as it is a PHP question. Which DB
are you using?
--
Darren New / San Diego, CA, USA (PST)
Remember the good old days, when we
used to complain about cryptography
being export-restricted?
--
[email protected]
http://www.kernel-panic.org/cgi-bin/mailman/listinfo/kplug-lpsg
