|
|
Posted by Juliette on 11/19/92 11:45
Tom wrote:
> I'm interested in adopting ADOdb (actually ADOdb Lite) and have a
> simple question that I haven't been able to quite pinpoint an answer
> to.
>
> I'm used to using the native mysql functions with
> mysql_escape_string(). With ADOdb, is this handled transparently with
> the execute method or should I take my own steps to sanitize input
> data?
>
When using adodb you should escape strings using the $db->qstr() method,
this will escape the string properly for the database type you use.
Data returned will be returned 'sanely', i.e. if slashes where added for
insertion into the database, they will be removed automagically.
Have a look at the adodb documentation, it's pretty detailed and
explains all this.
Grz, Jrf
Navigation:
[Reply to this message]
|