When should i use mysql_real_escape_string?
Is it only when i’m inserting rows into a database? Or only when i have user input?
Thanks
When should i use mysql_real_escape_string? Is it only when i’m inserting rows into a
Share
Sign Up to our social questions and Answers Engine to ask questions, answer people’s questions, and connect with other people.
Login to our social questions & Answers Engine to ask questions answer people’s questions & connect with other people.
Lost your password? Please enter your email address. You will receive a link and will create a new password via email.
Please briefly explain why you feel this question should be reported.
Please briefly explain why you feel this answer should be reported.
Please briefly explain why you feel this user should be reported.
When should i use mysql_real_escape_string?
Is it only when i’m inserting rows into a database? Or only when i have user input?
Thanks
You should use mysql_real_escape_string() whenever you’re building a query that will be run against the database. Any user input that is being used to build a database query should be run through this function. This will prevent sql injection attacks.
User inputs are your big area of concern when it comes to this.