I was reading some articles about avoiding SQL injection. People used to use addslashes() function, and later more and more programmers are using mysql_real_escape_string(). What’s the difference between these two functions? Alan Storm from StackOverFlow gives a description which is the best as I know: PHP’s mysql_real_escape_string function will, more or less, ask mysql what [...]
Addslashes or Mysql_real_escape_string to use to Avoid SQL Injection
No Comments
