Thread Rating:
  • 0 Vote(s) - 0 Average
  • 1
  • 2
  • 3
  • 4
  • 5
MySQL, real escape
#1
Isn't it better to make the class do an mysql_real_escape_string around each of the select, update and insert queries?
Instead of adding addslashes to each of the queries.
That would eliminate any future "typos" aswell.
#2
MyBB 1.2 already uses mysql_real_escape_string rapped in $db->escape_string.

Chris
#3
That is, "wrapped".
Peter Akkies


Forum Jump:


Users browsing this thread: 1 Guest(s)