Jay Blanchard wrote:
[snip]
You should probably use mysql_escape_string or mysql_real_escape_string instead of addslashes and stripslashes. IMHO addslashes and stripslashes
are pretty much useless. [/snip]
That is an interesting take, why so?
Because it can easily cause more problems than it fixes. Actually, it's also a part of my dislike for the magic_quotes system...
At the very least, mysql_(real_)escape_string should be always used for mysql code instead of addslashes as it *will* do the right thing.
-- paperCrane <Justin Patrin>
-- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
