1. Advertising
    y u no do it?

    Advertising (learn more)

    Advertise virtually anything here, with CPM banner ads, CPM email ads and CPC contextual links. You can target relevant areas of the site and show ads based on geographical location of the user if you wish.

    Starts at just $1 per CPM or $0.10 per CPC.

Escape string for MSSQL

Discussion in 'PHP' started by GSP, Dec 24, 2011.

  1. #1
    Hello,
    SEMrush
    I searching best replace for mysql_real_escape_string.
    Database: MSSQL

    Thanks for help

    Merry Christmas
     
    GSP, Dec 24, 2011 IP
    SEMrush
  2. EricBruggema

    EricBruggema Well-Known Member

    Messages:
    1,730
    Likes Received:
    26
    Best Answers:
    13
    Trophy Points:
    125
    #2
    EricBruggema, Dec 29, 2011 IP
  3. jestep

    jestep Prominent Member Premium Member

    Messages:
    3,661
    Likes Received:
    215
    Best Answers:
    19
    Trophy Points:
    330
    #3
    There isn't. In this case, I would probably opt for something like PDO or a 3rd party ORM that supports MSSQL like Doctrine. My main reason is that without a built-in escaping mechanism, it's possible to be susceptible to a targeted injection attack. Even addslashes or something similar may be susceptible, which is why mysql_real_escape_string was created.
     
    jestep, Dec 29, 2011 IP
  4. shahinfosoft

    shahinfosoft Greenhorn

    Messages:
    24
    Likes Received:
    0
    Best Answers:
    0
    Trophy Points:
    16
    #4
    using
    mysql_escape_string()
     
    shahinfosoft, Dec 30, 2011 IP
  5. WPC

    WPC Peon

    Messages:
    116
    Likes Received:
    1
    Best Answers:
    0
    Trophy Points:
    0
    #5
    Hi,

    Your better of just writing your own function, and storing it away in a class so you can use it over and over again, just make sure you include the basics.
     
    WPC, Dec 31, 2011 IP