MyBB Community Forums

Full Version: MySQL, real escape
You're currently viewing a stripped down version of our content. View the full version with proper formatting.
Isn't it better to make the class do an mysql_real_escape_string around each of the select, update and insert queries?
Instead of adding addslashes to each of the queries.
That would eliminate any future "typos" aswell.
MyBB 1.2 already uses mysql_real_escape_string rapped in $db->escape_string.

That is, "wrapped".