Dotan Cohen wrote:
So, actually taking a minute to read up on addcslashes(), it is a rather handy
little function.

Taking the list of characters that mysql_real_escape_string() says it escapes:

http://us3.php.net/mysql_real_escape_string

Which it lists: \x00, \n, \r, \, ', " and \x1a

\0  = \x0
\10 = \n
\13 = \r
\92 = \
\44 = '
\34 = "
\26 = \x1a

You could do something like this.

function cleaner($input) {
       return addcslashes($input, "\0\10\13\92\44\34\26");
}

Maybe this will help...

Jim


So far as I understand mysql_real_escape_string() was invented because
addslashes() is not adequate.



If you look a little closer, you will see that I am not using addslashes(). Rather, I am using addcslashes(). This allows to specify the characters that I want escaped, instead of the default assumed characters from addslashes().

--
Jim Lucas

   "Some men are born to greatness, some achieve greatness,
       and some have greatness thrust upon them."

Twelfth Night, Act II, Scene V
    by William Shakespeare

--
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php

Reply via email to