[font=verdana][size=10pt]Hello everybody.
I have a question about the mysql_real_escape_string() function in PHP.
To my understanding mysql_real-escape_string() escapes certain characters with a backslash, such as " and ’ to stop SQL injection attacks on your database, my question is, is it supposed to remove the backslash when the data is stored in the database ??
I ask this because if I were to echo the variable “Hello” after using the function, it echoes “Hello”, but if I were to check the variable once it has been entered into the database, it says “Hello”, is this correct, of have I done something wrong ??
[/size][/font]