[PHP-DOC] #36692 [Opn->Csd]: Incorrect term in mysql_real_escape_string's manual page.

Sat, 11 Mar 2006 03:54:14 -0800 

 ID:               36692
 Updated by:       [EMAIL PROTECTED]
 Reported By:      nobody at example dot com
-Status:           Open
+Status:           Closed
 Bug Type:         Documentation problem
 Operating System: irrelevant
 PHP Version:      Irrelevant
 New Comment:

This bug has been fixed in the documentation's XML sources. Since the
online and downloadable versions of the documentation need some time
to get updated, we would like to ask you to be a bit patient.

Thank you for the report, and for helping us make our documentation
better.




Previous Comments:
------------------------------------------------------------------------

[2006-03-11 12:41:54] [EMAIL PROTECTED]

Ok, tiny patch:

http://www.colder.ch/patches/mysql-real-escape-string.patch


Index: en/reference/mysql/functions/mysql-real-escape-string.xml
===================================================================
RCS file:
/repository/phpdoc/en/reference/mysql/functions/mysql-real-escape-string.xml,v
retrieving revision 1.25
diff -u -r1.25 mysql-real-escape-string.xml
--- en/reference/mysql/functions/mysql-real-escape-string.xml   3 Jan
2006 08:46:20 -0000     1.25
+++ en/reference/mysql/functions/mysql-real-escape-string.xml   11 Mar
2006 11:34:09 -0000
@@ -128,7 +128,7 @@
     if (get_magic_quotes_gpc()) {
         $value = stripslashes($value);
     }
-    // Quote if not integer
+    // Quote if not a number or a numeric string
     if (!is_numeric($value)) {
         $value = "'" . mysql_real_escape_string($value) . "'";
     }

------------------------------------------------------------------------

[2006-03-11 01:28:07] nobody at example dot com

is_int(), not int().

------------------------------------------------------------------------

[2006-03-11 01:26:04] nobody at example dot com

Description:
------------
On the documentation for mysql_real_escape_string at
http://us2.php.net/manual/en/function.mysql-real-escape-string.php :

// Quote if not integer
if (!is_numeric($value)) {
  $value = "'" . mysql_real_escape_string($value) . "'";
}


This is blatantly incorrect.  is_numeric() does *not* test whether
something is an integer.  This should probably be int() or
ctype_digit() instead.



------------------------------------------------------------------------


-- 
Edit this bug report at http://bugs.php.net/?id=36692&edit=1

Reply via email to