I believe you only need to do a htmlspecialchars when displaying data
as readable text that your retrieved from the database after inserting.
And probably some other situations as well, but I don't think you
need to do htmlspecialchars on the
mysql_real_escape data when inserting into the database.
On Apr 8, 2011, at 12:13 AM, Chris Stinemetz wrote:
PHP Database Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php