Hello, I searching best replace for mysql_real_escape_string. Database: MSSQL Thanks for help Merry Christmas
$string = str_replace("'", "''", $string); I do not think there is a sererate function for. http://www.php.net/manual/en/function.mssql-query.php#70078
There isn't. In this case, I would probably opt for something like PDO or a 3rd party ORM that supports MSSQL like Doctrine. My main reason is that without a built-in escaping mechanism, it's possible to be susceptible to a targeted injection attack. Even addslashes or something similar may be susceptible, which is why mysql_real_escape_string was created.
Hi, Your better of just writing your own function, and storing it away in a class so you can use it over and over again, just make sure you include the basics.