Home/ Questions/Q 696571
In Process

The Archive Base Latest Questions

Editorial Team
  • 0
Asked: 2026-05-14T03:04:37+00:00

I was looking through the docs and stumbled onto mysql_real_escape_string() and I’m not understanding

  • 0

I was looking through the docs and stumbled onto mysql_real_escape_string() and I’m not understanding why it’s useful when you can just addslashes(). Can someone show me a scenario as to why it’s useful?

I’m also curious why it requires a database connection…. that seems like a lot of overhead.

Share

Leave an answer

You must login to add an answer.

Need An Account,

1 Answer

  1. Editorial Team

    There is a great article about this here. And this discussion also points out the pros and cons of each solution.

    addslashes() was from the developers
    of PHP whereas
    mysql_real_escape_string uses the
    underlying MySQL C++ API (i.e. from
    the developers of MySQL).
    mysql_real_escape_string escapes EOF
    chars, quotes, backslashes, carriage
    returns, nulls, and line feeds. There
    is also the charset aspect.

    • 0