while i understand why mysql_real_escape_string requires an active mysql connection to escape various strings, i were hoping on the following:

some sort of way to manually (er, terminology here, perhaps ‘statically’ would be the correct term) push the charset to mysql_real_escape_string so that no active db connection is required to run mysql_real_escape_string.

as some people may ask why we want to mysql_real_escape_string without an active connection, the reasoning is simple:

a) construct query (this is where the mysql_real_escape_string takes place)
b) create hash (md5, md4, sha1, crc32, choose your poison) from said query
c) check cache (memcached) for hash created in step b
d) query cached in memcached -> return cached results -> terminate script
c) query NOT cached in memcached -> connect to mysql -> cache result to memcached + return result

so as you can see with the above, because a hash of the query is created prior to checking the cache / connecting to the db if needed… mysql_real_escape_string takes place BEFORE a db connection is made.

the whole goal of this is so that if we are able to execute a ‘whole page request’ purely from cache hits, there is just no need to connect to mysqld. period.

what we have now is a large set of requests where the a db connection is made just so that mysql_real_escape_string can execute. this seams un necessary.

so, to summarize:

we need to a way to SAFELY escape mysql strings (POST and GET values, so it needs to be 100% safe) without making a db connection.

thanks.