PHP programming forum. Ask questions or help people concerning PHP code. Don't understand a function? Need help implementing a class? Don't understand a class? Here is where to ask. Remember to do your homework!
Moderator: General Moderators
forgun
Forum Commoner
Posts: 61 Joined: Wed Jan 29, 2003 6:05 am
Contact:
Post
by forgun » Thu Jan 30, 2003 1:49 am
what this function:
i try to understand but i still not sure what this do
evilcoder
Forum Contributor
Posts: 345 Joined: Tue Dec 17, 2002 5:37 am
Location: Sydney, Australia
Post
by evilcoder » Thu Jan 30, 2003 1:59 am
Designed to stop errors in mysql_query:
Eg:
you have a variable called $Entry, and its value is = "Dave's Stuff"
Now if you were to put that into a mysql_query like:
mysql_query( INSERT INTO table ( entry ) VALUES ( '$Entry' ) )
you would get an error in your syntax because the variables has a ' in it, so mysql_query would read it as
mysql_query( INSERT INTO table ( entry ) VALUES ( 'Dave's Stuff' ) )
See the problem?
Hense mysql_escape_string() is similar to addslashes()
Using mysql_escape_string() can be done like this:
$Entry = "Dave's Stuff";
$Escaped = mysql_escape_string( $Entry );
mysql_query( INSERT INTO table ( entry ) VALUES ( '$Escaped' ) )
Hope this helps.