Am Di, den 13.06.2006 schrieb Bluejack um 7:31:
> Is there any way to get mysqli_stmt_bind_param to take the bind
> parameters as an array? It seems to see an array as a single item,
> rather than detecting an array and expanding the elements.
see
http://www.php.net/call_user_func_array
/Georg
you should definitely quote it because serialized strings can still contain
quotes, semicolons, commas, etc... and other stuff thats used in sql
injection attacks.
On 5/24/06, [EMAIL PROTECTED] <[EMAIL PROTECTED]> wrote:
Hi,
Is a serialized array a "safe" string to enter into a mysql text fiel
