mysql_real_esacpe_string should be prefered over addslashes for the reason of different character encodings.

It has been discussed before http://drupal.org/node/13180#comment-23787 the reason for rejection were version conflicts, that are not present anymore since PHP 4.3.3 is required in HEAD /INSTALL.txt and mysql_real_escape_string exists since 4.3.

However I have added a fallback to addslashes incase no db is established. If that is not necesary it can be removed.

CommentFileSizeAuthor
#1 mysql_real_escape_string_0.patch897 bytesUwe Hermann
mysql_real_escape_string.patch814 bytesThomas Ilsche
Support from Acquia helps fund testing for Drupal Acquia logo

Comments

Uwe Hermann’s picture

Uwe Hermann CreditAttribution: Uwe Hermann commented
FileSize
mysql_real_escape_string_0.patch897 bytes

Fixed typos and minor cosmetic issues in the patch. I didn't test if it works, merely if it applies to HEAD.

moshe weitzman’s picture

moshe weitzman CreditAttribution: moshe weitzman commented
Status: Needs review » Reviewed & tested by the community

i see no legitimate reason to hold this one back. if someone does, please change status.

Dries’s picture

Dries CreditAttribution: Dries commented
Status: Reviewed & tested by the community » Fixed

Committed a modified version to HEAD.

Anonymous’s picture

(not verified) CreditAttribution: commented
Status: Fixed » Closed (fixed)