Revision: 1456
Updated Code
at October 9, 2006 11:29 by sorehead
Updated Code
<?
/*
Smart MySQL Escape Function
This function first checks to see if PHP is set to automagically quote stuff. If it is, we first strip pre-quoted stuff, then (assuming our text isn't numeric), we properly quote everything.
A good bit of room for improvement here, but at the very least, you should hit this before inserting anything into your database.
*/
// check to see if a string needs to be escaped for database input
function escapeit ( $text ) {
if ( get_magic_quotes_gpc() ) {
$text = stripslashes($text);
}
if ( !is_numeric($text) ) {
$text = mysql_real_escape_string($text);
}
return $text;
}
?>
Revision: 1455
Initial Code
Initial URL
Initial Description
Initial Title
Initial Tags
Initial Language
at October 9, 2006 11:28 by sorehead
Initial Code
<?
/*
Smart MySQL Escape Function
This function first checks to see if PHP is set to automagically quote stuff. If it is, we first strip pre-quoted stuff, then (assuming our text isn't numeric), we properly quote everything.
A good bit of room for improvement here, but at the very least, you should hit this before inserting anything into your database.
*/
// check to see if a string needs to be escaped for database input
function escapeit ( $text ) {
if ( get_magic_quotes_gpc() ) {
$text = stripslashes($text);
}
if ( !is_numeric($text) ) {
$text = mysql_real_escape_string($text);
}
return $text;
}
?>
Initial URL
http://www.bigbold.com/snippets/posts/show/1533
Initial Description
This function first checks to see if PHP is set to automagically quote stuff. If it is, we first strip pre-quoted stuff, then (assuming our text isn't numeric), we properly quote everything. A good bit of room for improvement here, but at the very least, you should hit this before inserting anything into your database.
Initial Title
Smart MySQL Escape Function
Initial Tags
mysql, function
Initial Language
PHP