hi, There is a php function mysql_real_escape_string() that we can use to clean string variable before put in to sql query. I am afraid is there any other that can I use with Integer types or the same I should use for all type? Can any one explain this please..
@MindzaiMay 26.2009 — #Escaping something other than a string is not possible, there is no such thing as escaping an integer. If you want to clean/validate integers, you can either just cast to int to be sure of the type:
[code=php]$foo = (int) $foo;[/code]
or else check it is int and do soemthing different if it is not:
[code=php]if (!is_int($foo) { // not an int }[/code]
This function is escaping the given data for string type and prapare it for insertion. So we can insert this data in to any mysql String Types. Same like there are Numeric Types and Date & Time Types. You might have looked in ADO.NET, there is parameter collection where we can define the data as DBTYPE.INT, DBTYPE.BIT so on before insertion. I was guessing is there any function that can do this job.
@firebladeauthorMay 26.2009 — #Yes mindzai. That is what I wanted to confirm whether is there any other option or to go as usual. thanks for your replies.