Question : mysql_real_escape_string equivalent when you dont have a db connection

hello,

i just got hacked so by someone using a contact form which sends an email using PHP, their is no database connection so i need code which will do the same as mysql_real_escape_string so i can secure my contact form from being hacked.

Answer : mysql_real_escape_string equivalent when you dont have a db connection

OOPS.. I must be really sleepy.. To sum it up:

You have to use addcslashes - note the C in between. In this function, you can give the list of characters to be escaped.
So, addcslashes($str, "\x00\n\r\'\"\x1a"); is equivalent to  mysql_real_escape_string($str); since the latter escapes only the characters listed in the former.
Here is the correct link: http://www.php.net/manual/en/function.addcslashes.php
Random Solutions  
 
programming4us programming4us