Page 1 of 1
mysql_real_escape_string [ ANSWERED ]
Posted: Thu Dec 08, 2005 12:08 pm
by wtf
Is it sufficient to prevent sql injections?
Posted: Thu Dec 08, 2005 12:59 pm
by Nathaniel
Posted: Thu Dec 08, 2005 2:35 pm
by wtf
Thanks... that answered all my questions.
Posted: Thu Dec 08, 2005 3:18 pm
by AKA Panama Jack
Remember that's SINGLE quotes and not double quotes.
Actually you should use quotes around all data being inserted into any field, even if it is a float field. It makes things alot cleaner in the long run.