Check out the message below, which a user added to the online version of the PHP manual. Could this have anything to do with your problem?
** FROM http://br2.php.net/manual/en/function.mysql-escape-string.php ** sp4m_only at hotmail dot com 02-Apr-2003 10:07 I found out another very curious thing about both AddSlashes() and mysql_escape_string(). It seems that for mysql, the string '##' has some special meaning. Someone told me it might be the beginning of a comment line in the SQL statement. In any case, there is only ONE #-char inserted into the database, instead of two. The two escape functions DO NOT escape this two-char-sequence. So if you want to insert an image in the database and be SURE the image is not f#ck#d up, then do the escaping yourself: $filedata = str_replace('##', '\#\#', mysql_escape_string($filedata)); $query = "insert into IMAGES (IMAGE) values ($filedata)"; $result = mysql_query($query); I hope this will save you guys the ours that I spent by searching for the bug in my own code... **** On 26 Jan 2004 at 13:29, C C wrote: > > (...) My suggestion is that you try running your input through > > mysql_escape_string *only* > and see if it does the trick. If you do > > that, please let me (us) know the results; I'm curious. > > No, mysql_escape_string didn't work either. -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
