On Thu, 28 Sep 2006 11:33:06 -0400, Eric Butera wrote:
On 9/28/06, Ivo F.A.C. Fokkema [EMAIL PROTECTED] wrote:
Hi Tedd,
According to
http://nl3.php.net/mysql_real_escape_string
The function requires a MySQL connection. If there is none, it
will try and create one. That fails now.
On 9/29/06, Ivo F.A.C. Fokkema [EMAIL PROTECTED] wrote:
On Thu, 28 Sep 2006 11:33:06 -0400, Eric Butera wrote:
He's not actually *putting* it in a database, so isn't it useless to use a
mysql_ function for this...? Maybe I misunderstand Tedd and he does use a
database, as I don't see why he
At 9:52 AM -0400 9/29/06, Eric Butera wrote:
Tedd,
Not to make a big deal out of this but are you aware of the
differences on filtering input and escaping output?
mysql_real_escape_string is for escaping something for the database.
It doesn't filter or clean anything. Just like htmlentities
On Thu, 28 Sep 2006 11:06:45 -0400, tedd wrote:
Hi gang:
In one of my snip-its, namely:
http://xn--ovg.com/pdf
I was generating a pdf document after the user filled in a form. I
had been cleaning the user input by using --
$name = mysql_real_escape_string($name);
-- even though
On 9/28/06, Ivo F.A.C. Fokkema [EMAIL PROTECTED] wrote:
Hi Tedd,
According to
http://nl3.php.net/mysql_real_escape_string
The function requires a MySQL connection. If there is none, it
will try and create one. That fails now. Possibly you could use addslashes()?
Regards,
Ivo
--
PHP General
5 matches
Mail list logo
