You should use
mysql_real_escape_string()
instead!
This function is identical to
mysql_real_escape_string()
except that
mysql_real_escape_string()
takes
a connection handler as its first argument and escapes the
string according to the current character set.
mysql_escape_string()
does not
take a connection argument and does not respect the current
character set.
User Comments
Add your own comment.