On Fri, 15 Jan 2010 16:22:46 -0600 (CST), "Richard Lynch" wrote: > The subject line says it all: > > mysql_real_escape_string(0xffffffff) yields -1
Says nothing. Are you really asking PHP to convert an integer literal to string before passing it to m_r_e_s? That could easily explain the "-1", and I wouldn't be the least bit surprised if the behaviour varies across different versions of PHP. > What's up with that? > > Is there some way to convince mysql_real_escape_string to use BIGINT? > > I guess I'll just PCRE for digits and then pass it in and... > > But what if somebody passes in some BC Math number?... I think you are confused. mysql_real_escape_string() works on strings and doesn't care how many 'f' there are or what a BIGINT is. You're most likely passing "-1" to m_r_e_s. /Nisse -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
