addslashes() vs. mysql_real_escape_string()
Posted: Sat Jul 29, 2006 11:45 am
Hello all,
I'm building a class called 'safehouse' that includes different functions to filter data and create random strings for passwords and other things like that. My problem is, there are many times when I want to store variables in a 'clean' array after checking to see if they are of the correct input and after escaping them.
The problem is that mysql_real_escape_string() can only be called after a connection to the database is made, and I want to do things before that connection is made. That being said, would using addslashes() obtain the same objective with the same amount of security?
Thank you,
Jason
I'm building a class called 'safehouse' that includes different functions to filter data and create random strings for passwords and other things like that. My problem is, there are many times when I want to store variables in a 'clean' array after checking to see if they are of the correct input and after escaping them.
The problem is that mysql_real_escape_string() can only be called after a connection to the database is made, and I want to do things before that connection is made. That being said, would using addslashes() obtain the same objective with the same amount of security?
Thank you,
Jason