Hey everyone, I'm currently working on a website and I haven't programmed php in a couple of years.
I've learned to use mysql_real_escape_string() to escape strings before they're stored in a database. However, I've noticed that PHP.net has labeled the function as deprecated. The suggested alternative is "PDO", but my current host does not support that, nor do I have any idea how to use it.
My questions:
- Can I continue to use mysql_real_escape_string or should I use some alternative function?
- Is PDO necessary and is it worth it to switch hosts? Any website where I can find a guide or turorial on PDO?
I've learned to use mysql_real_escape_string() to escape strings before they're stored in a database. However, I've noticed that PHP.net has labeled the function as deprecated. The suggested alternative is "PDO", but my current host does not support that, nor do I have any idea how to use it.
My questions:
- Can I continue to use mysql_real_escape_string or should I use some alternative function?
- Is PDO necessary and is it worth it to switch hosts? Any website where I can find a guide or turorial on PDO?
Last edited: