Why use mysql_real_escape_string, doesn't addslashes prevent everything?
Posted
by Webnet
on Stack Overflow
See other posts from Stack Overflow
or by Webnet
Published on 2010-03-29T18:51:07Z
Indexed on
2010/03/29
18:53 UTC
Read the original article
Hit count: 202
mysql
I was looking through the docs and stumbled onto mysql_real_escape_string() and I'm not understanding why it's useful when you can just addslashes(). Can someone show me a scenario as to why it's useful?
I'm also curious why it requires a database connection.... that seems like a lot of overhead.
© Stack Overflow or respective owner