ndlarsen wrote:
> Again I appreciate your replies.
> I guess I chose the wrong words before, probably because I knew what I
> meant and expected that everybody else would as well. Now, as none is
> capable of mind reading, this is not so. ;)
> I just tested the "best practices" code from the php manual and it did
> what I expected it to - that is, not modifying the data and submitting
> it to the db unaltered. So if I were to submit data to a db, a string
> containing "jnjsdf'jn/ljknv\knns", it would be submitted to the db as
> such and I could retrieve it without the need to strip the string from
> any sort of characters, right? At least so it seems from following code:
>

Read up on mysql_real_escape_string(). It does modify the data as it's
being sent to the database - but the data is modified in a predictable
way (i.e. to take care of embedded quotes, etc.). The result when
retrieved from the database is just as you put it in there.

Add databases require some modification of the data to store special
characters. But if you do the modification properly, the data is
retrieved without modification. MySQL has a function which does this
for you; some others don't.

--
==================
Remove the "x" from my email address
Jerry Stuckle
JDS Computer Training Corp.
jstucklex@attglobal.net
==================