[nycphp-talk] escaping % and _ in a MySQL query
Adam Maccabee Trachtenberg
adam at trachtenberg.com
Sun Oct 31 02:08:27 EST 2004
On Sat, 30 Oct 2004, Chris Shiflett wrote:
> --- Adam Maccabee Trachtenberg <adam at trachtenberg.com> wrote:
> > I prefer str_replace() to preg_replace(), but this is
> > essentially what I do.
>
> Can you explain what mysql_escape_string() isn't escaping?
Yes. It doesn't escape % or _.
-adam
--
adam at trachtenberg.com
author of o'reilly's "upgrading to php 5" and "php cookbook"
avoid the holiday rush, buy your copies today!
More information about the talk
mailing list
Automatic Email Organization without missing anything!