On 10/9/06, Alan Milnes <[EMAIL PROTECTED]> wrote:
$query = "insert into invw2wcheck (
UNIQUEID ,
ASSETID ,
CNF
)
values
(
'$UNIQUEID',
'$ASSETID ',
'$CNF'
)";
Wrap escaping functions around the values you are sticking in the DB.
Escaping is only needed at the time you are using it because it helps
your data go somewhere. You don't want to corrupt your data with
escaped values.
$query = "insert into invw2wcheck (
UNIQUEID ,
ASSETID ,
CNF
)
values
(
'". mysql_real_escape_string($UNIQUEID) ."',
'". mysql_real_escape_string($ASSETID) ."',
'". mysql_real_escape_string($CNF) ."'
)";
--
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php
