Marcus Bointon wrote:
On 14 Oct 2005, at 04:48, David Robley wrote:
That is incorrect. mysql_real_escape_string is a php function, not
mysql.
Mostly true: mysql_real_escape_string is a php function, but it's
provided by the mysql extension as part of the mysql client libraries
(which explains the name). It doesn't do anything significantly
different to addslashes(), which is purely a PHP internal function. If
you are writing database independent code, you should probably prefer
addslashes (or things like adodb::qstr).
mysql_real_escape_string() takes into account the current characterset
of the database. addslashes() does not.
--
John C. Nichel
ÜberGeek
KegWorks.com
716.856.9675
[EMAIL PROTECTED]
--
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php
