On Saturday 15 December 2007 18:59:12 Richard Lynch wrote:
On Fri, December 14, 2007 11:03 am, Adam Williams wrote:
$query = sprintf(SELECT * FROM users WHERE user='%s' AND
password='%s',
mysql_real_escape_string($user),
mysql_real_escape_string($password));
On Fri, December 14, 2007 11:03 am, Adam Williams wrote:
$query = sprintf(SELECT * FROM users WHERE user='%s' AND
password='%s',
mysql_real_escape_string($user),
mysql_real_escape_string($password));
and I understand it uses the %s because of sprintf(), to indicate
On Saturday 15 December 2007 18:59:12 Richard Lynch wrote:
On Fri, December 14, 2007 11:03 am, Adam Williams wrote:
$query = sprintf(SELECT * FROM users WHERE user='%s' AND
password='%s',
mysql_real_escape_string($user),
mysql_real_escape_string($password));
I'm going to be inserting data from a PHP form into a mysql field. The
data could contain special characters like ' \ /, etc. How do I
handle that? just $data = addslashes(htmlspecialchars($data)); before
the insert query? because later on the data will be read back from the
mysql db
[snip]
I'm going to be inserting data from a PHP form into a mysql field. The
data could contain special characters like ' \ /, etc. How do I
handle that? just $data = addslashes(htmlspecialchars($data)); before
the insert query? because later on the data will be read back from the
Bastien Koert wrote:
use mysql_real_escape_string
bastien
Date: Fri, 14 Dec 2007 08:40:47 -0600 From: [EMAIL PROTECTED] To:
php-general@lists.php.net Subject: [PHP] how to handle inserting special
characters into a mysql field I'm going to be inserting data from a PHP
form
use mysql_real_escape_string
bastien
Date: Fri, 14 Dec 2007 08:40:47 -0600 From: [EMAIL PROTECTED] To:
php-general@lists.php.net Subject: [PHP] how to handle inserting special
characters into a mysql field I'm going to be inserting data from a PHP
form into a mysql field. The data
On Fri, December 14, 2007 8:40 am, Adam Williams wrote:
I'm going to be inserting data from a PHP form into a mysql field.
The
data could contain special characters like ' \ /, etc. How do I
handle that? just $data = addslashes(htmlspecialchars($data)); before
the insert query? because
Thanks for all the replies everyone. I have a question on
mysql_real_escape_string(). The PHP example page shows:
$query = sprintf(SELECT * FROM users WHERE user='%s' AND password='%s',
mysql_real_escape_string($user),
mysql_real_escape_string($password));
and I
On Fri, 2007-12-14 at 11:03 -0600, Adam Williams wrote:
Thanks for all the replies everyone. I have a question on
mysql_real_escape_string(). The PHP example page shows:
$query = sprintf(SELECT * FROM users WHERE user='%s' AND password='%s',
mysql_real_escape_string($user),
10 matches
Mail list logo