You are here: mysql_real_escape_string() advice please. « All PHP « IT news, forums, messages
mysql_real_escape_string() advice please.

Posted by Richard on 03/30/07 16:42

Hi there, I'm seeking best practice for an issue I've only just thought
about whilst learning the PHP basics, forgive me if the answer is very
obvious. :)

If I have a text field in a form that I want to apply a 512 max char count
on, what size text field should I actually create to store it in a mySQL
database?

I ask this because if I use mysql_real_escape_string($text) to safely
escape the submitted data, couldn't the char count increase well beyond the
512 max char count of the submitted data? If so how much extra room should I
allow to avoid truncating the string in the database? Do I just double the
max, for worst case scenario that every character in the string needs
escaping? Or does the function add potentially more than one extra character
like ' or \ per char that needs escaping?

my_field TEXT(1024) NOT NULL

Or am I being stupid and the escape characters are only to pass on the data
to mySQL safely, and are not actually stored in the database?

Thanks experts!

Richard

 

Navigation:

[Reply to this message]


Удаленная работа для программистов  •  Как заработать на Google AdSense  •  England, UK  •  статьи на английском  •  PHP MySQL CMS Apache Oscommerce  •  Online Business Knowledge Base  •  DVD MP3 AVI MP4 players codecs conversion help
Home  •  Search  •  Site Map  •  Set as Homepage  •  Add to Favourites

Copyright © 2005-2006 Powered by Custom PHP Programming

Сайт изготовлен в Студии Валентина Петручека
изготовление и поддержка веб-сайтов, разработка программного обеспечения, поисковая оптимизация