07-01-2008, 08:30 PM
|
#40 (permalink)
|
|
The Gregarious
Join Date: Sep 2007
Posts: 684
Thanks: 85
|
Quote:
Originally Posted by delayedinsanity
Tanax: In his copy of the code there is a reason to use it, because he doesn't run any checks to make sure that it's an integer, so they could very well try and insert malicious data. In mine it's casted to an integer so no it's not needed, and I omitted it.
|
But it's totally useless to do a mysql_real_escape_string when it's an integer. It's better just to check if it's an integer, takes less loading time and is far more cleaner. Not to mention; easier.
And thanks for the info about braces, didn't know that! 
__________________
|
|
|
|