Is mysql_real_escape_string safe?

Question

Is mysql_real_escape_string safe?

OK, I have one question before starting MySQL coding in my school project. Is mysql_real_escape_string safe? I heard that it is still unsafe to use. Are there any tweaks that make SQL query safe? I have used mysql_real_escape_string many times, but I am not creating a site for my school, so the first thing I should check is security.

+6

php mysql

Sidd p Jun 16 '11 at 2:12

source share

1 answer

GordonM · Accepted Answer · 2011-06-16T05:35:52+0000

UPDATE : the answer below was, to my knowledge, correct at the time of writing. The fact is that mysql_real_escape_string is not safe and never was. You should always use prepared statements instead.

mysql_ * , 7 . .

mysql_real_escape_string (.. , PHP ), , , , . , HTML- .

, mysql_real_escape_string, , .

Is mysql_real_escape_string safe?

More articles: