You should use
        mysql_real_escape_string()
        instead!
      
        This function is identical to
        mysql_real_escape_string()
        except that
        mysql_real_escape_string() takes
        a connection handler as its first argument and escapes the
        string according to the current character set.
        mysql_escape_string() does not
        take a connection argument and does not respect the current
        character set.
      


User Comments
Add your own comment.