TalkPHP - View Single Post

adamdecaf · 11-09-2009, 01:56 AM

An escape sample.

PHP Code:


			
$sql = "UPDATE " . mysql_real_escape_string($tbl_name) . 
" SET name=\'" . mysql_real_escape_string($name) . 
"\', lastname=\'" . mysql_real_escape_string($lastname) .
 "\', email=\'" . mysql_real_escape_string($email) . 
"\' WHERE id=\'" . mysql_real_escape_string($id) . "\'";

11-09-2009, 01:56 AM	#9 (permalink)
adamdecaf The Addict Join Date: May 2009 Posts: 287 Thanks: 5	An escape sample. PHP Code: `$sql = "UPDATE " . mysql_real_escape_string($tbl_name) . " SET name=\'" . mysql_real_escape_string($name) . "\', lastname=\'" . mysql_real_escape_string($lastname) . "\', email=\'" . mysql_real_escape_string($email) . "\' WHERE id=\'" . mysql_real_escape_string($id) . "\'";` __________________ My Site