I agree. Personally, I would go with the prepared statements available with mysqli than the string escaping available with mysql.
Chris On Nov 29, 2010, at 8:23 AM, Randall Whitman <909li...@whizman.com> wrote: > Allow me to also highlight: > http://www.php.net/manual/en/function.mysql-real-escape-string.php > and/or > http://php.net/manual/en/mysqli.prepare.php > _______________________________________________ > LinuxUsers mailing list > LinuxUsers@socallinux.org > http://socallinux.org/cgi-bin/mailman/listinfo/linuxusers _______________________________________________ LinuxUsers mailing list LinuxUsers@socallinux.org http://socallinux.org/cgi-bin/mailman/listinfo/linuxusers
