mm what is .....

PHP programming forum. Ask questions or help people concerning PHP code. Don't understand a function? Need help implementing a class? Don't understand a class? Here is where to ask. Remember to do your homework!

Moderator: General Moderators

Post Reply
User avatar
forgun
Forum Commoner
Posts: 61
Joined: Wed Jan 29, 2003 6:05 am
Contact:

mm what is .....

Post by forgun »

what this function:

Code: Select all

mysql_escape_string()
i try to understand but i still not sure what this do
:lol:
evilcoder
Forum Contributor
Posts: 345
Joined: Tue Dec 17, 2002 5:37 am
Location: Sydney, Australia

Post by evilcoder »

Designed to stop errors in mysql_query:

Eg:

you have a variable called $Entry, and its value is = "Dave's Stuff"

Now if you were to put that into a mysql_query like:

mysql_query( INSERT INTO table ( entry ) VALUES ( '$Entry' ) )

you would get an error in your syntax because the variables has a ' in it, so mysql_query would read it as

mysql_query( INSERT INTO table ( entry ) VALUES ( 'Dave's Stuff' ) )

See the problem?

Hense mysql_escape_string() is similar to addslashes()

Using mysql_escape_string() can be done like this:

$Entry = "Dave's Stuff";
$Escaped = mysql_escape_string( $Entry );
mysql_query( INSERT INTO table ( entry ) VALUES ( '$Escaped' ) )

Hope this helps.
Post Reply