On Mar 27, 9:39*am, ndlarsen <use...@ionline.dk> wrote:
> Hello.
>
> It's been a while since I used php. Since then magic quotes has been
> deprecated and will be removed when php 6.0 hits. My question is, what
> should I be using when submitting data to a database instead? Which is
> better for security reasons, addslashes() or mygql_real_escape_string()?
>
> Thanks you.
>
> Regards
>
> ndlarsen

I don't want to go offtopic, but mysql_real_escape_string serously
leaks memory for me. Using MDB2's quote function it runs out of my
allowed 200MB in a minute. If I just comment out
mysql_real_escape_string inside the escape function there is no leak.
Any idea?