/ Published in: PHP
This function first checks to see if PHP is set to automagically quote stuff. If it is, we first strip pre-quoted stuff, then (assuming our text isn't numeric), we properly quote everything.
A good bit of room for improvement here, but at the very least, you should hit this before inserting anything into your database.
A good bit of room for improvement here, but at the very least, you should hit this before inserting anything into your database.
Expand |
Embed | Plain Text
Copy this code and paste it in your HTML
<? /* Smart MySQL Escape Function This function first checks to see if PHP is set to automagically quote stuff. If it is, we first strip pre-quoted stuff, then (assuming our text isn't numeric), we properly quote everything. A good bit of room for improvement here, but at the very least, you should hit this before inserting anything into your database. */ // check to see if a string needs to be escaped for database input function escapeit ( $text ) { } } return $text; } ?>
URL: http://www.bigbold.com/snippets/posts/show/1533