Posted by toddism on 06/20/06 16:47
My book says prevent it like this: $clean = array(); $mysql = array(); $clean['last_name']="o'reilly"; $mysql['last_name']=mysql_real_escape_string($clean['last_name']); why are we using an array ( $mysql['last_name'] ) instead of just a variable: $val? I just wanna understand. Thanks.
[Back to original message]
Copyright © 2005-2006 Powered by Custom PHP Programming