Using mysql_real_escape_string()

PHP programming forum. Ask questions or help people concerning PHP code. Don't understand a function? Need help implementing a class? Don't understand a class? Here is where to ask. Remember to do your homework!

Moderator: General Moderators

Post Reply
webphotogeek
Forum Newbie
Posts: 18
Joined: Sun Jul 04, 2010 12:11 pm

Using mysql_real_escape_string()

Post by webphotogeek »

Can someone tell me if I should be using the mysql_real_escape_string() function with the MySQL Input statement?

Thanks.
User avatar
Weirdan
Moderator
Posts: 5978
Joined: Mon Nov 03, 2003 6:13 pm
Location: Odessa, Ukraine

Re: Using mysql_real_escape_string()

Post by Weirdan »

what is 'mysql input statement'?
webphotogeek
Forum Newbie
Posts: 18
Joined: Sun Jul 04, 2010 12:11 pm

Re: Using mysql_real_escape_string()

Post by webphotogeek »

Sorry, I meant the Insert Into statement :lol:
User avatar
Weirdan
Moderator
Posts: 5978
Joined: Mon Nov 03, 2003 6:13 pm
Location: Odessa, Ukraine

Re: Using mysql_real_escape_string()

Post by Weirdan »

Yes, you should, unless you use prepared statements (in which case you shouldn't use *escape() for bound variables).
Post Reply