Dooq
06-15-2006, 12:57 PM
Is there any diffrence between the two function ? I think all of them give me the same result.
|
||||
addslashes VS mysql_real_escape_stringmarek_mar 06-15-2006, 01:13 PM Yes. addslashes() escaped ", ', / and the null byte while mysql_real_escape_string() escapes \x00, \n, \r, \, ', " and \x1a. lansing 06-15-2006, 01:37 PM What is the best to use when you are working with imputed data that is include html code? What is the best to use when you are working with imputed data that is just user inputted that could contain any characters & symbols? Kid Charming 06-15-2006, 04:10 PM Also, addslashes() does not account for character set, so it can be fooled by sending certain multibyte characters. GJay 06-15-2006, 10:34 PM if data is going into a mysql database, it should go through mysql_real_escape_string. Always. marek_mar 06-15-2006, 11:06 PM addslashes() is actually useless. For every operation that needs escaping you have a special function to do it. |
| |||
EZ Archive Ads Plugin for vBulletin Copyright 2006 Computer Help Forum
vBulletin® v3.8.2, Copyright ©2000-2013, Jelsoft Enterprises Ltd.