[nycphp-talk] escaping % and _ in a MySQL query
Adam Maccabee Trachtenberg
adam at trachtenberg.com
Sun Oct 31 02:08:27 EST 2004
On Sat, 30 Oct 2004, Chris Shiflett wrote:
> --- Adam Maccabee Trachtenberg <adam at trachtenberg.com> wrote:
> > I prefer str_replace() to preg_replace(), but this is
> > essentially what I do.
>
> Can you explain what mysql_escape_string() isn't escaping?
Yes. It doesn't escape % or _.
-adam
--
adam at trachtenberg.com
author of o'reilly's "upgrading to php 5" and "php cookbook"
avoid the holiday rush, buy your copies today!
More information about the talk
mailing list