From: Yuri Yarlei

> I think mysql_real_escape_string()  is work well, but if
> you are use mysql db, if you are using another db, the best
> function is addslashes but for another special charactes
> you will need treat them with another ways

Slashes are the wrong character to use. The official SQL escape is a
single quote character. Some database managers accept either, but using
slashes can cause more problems than they solve. Find the correct
escape_string function for your database and use it.

Bob McConnell

PHP General Mailing List (
To unsubscribe, visit:

Reply via email to