Page 1 of 1
AdoDB lite addslashes
Posted: Thu May 11, 2006 6:10 pm
by alex.barylski
What is it?
If I can't use mysql_escape_* WTF it is...what do I use to ensure portability?
Thanks a bunch...
p.s- I looked into AdoDB and it has a function called addq() but I can't find the same for adodb lite???
Am I blind?
Posted: Thu May 11, 2006 6:24 pm
by Technocrat
qstr() is what it is in the whole version. Not sure about lite. But I am sure AKA Panama Jack or someone else knows.
Posted: Fri May 12, 2006 2:29 am
by AKA Panama Jack
addq() is one of those undocumented features that was added to ADOdb at version 4.20.
It is NOT used by anything in the ADOdb package istself and only referenced in the changelog. I didn't add it because it was not a documented feature and probably little used. If you do use it with the mysql database it will NOT call the mysql_real_escape_string function even if it is availible.
addq() will return a result WITHOUT single quotes around it.
qstr() will return a result WITH single quotes around it.
If you need to use escape quoting you should use qstr() and adjust your queries accordingly.
Instead of
$db->Execute("SELECT * FROM mytable WHERE id = '" . $db->addq($id) . "'");
you should be using
$db->Execute("SELECT * FROM mytable WHERE id = " . $db->qstr($id));
This will properly escape quote for all databases and use any database specific functions while the addq() will NOT do this.
Posted: Fri May 12, 2006 9:19 am
by alex.barylski
Coolness...
Thank you kindly sir
