[nycphp-talk] escaping % and _ in a MySQL query

David Mintz dmintz at davidmintz.org
Sat Oct 30 23:35:01 EDT 2004


Suppose you have a form with a textfield for people to enter a string to
search for in your database, and you don't want people using % or _ unless
they mean it literally. This is kind of ugly:

$input =  preg_replace('/(%|_)/',"\\\\$1",$input);
$input = mysql_escape_string($input);

Is this more or less what you should do, or is there a classier solution
that I'm overlooking?

---
David Mintz
http://davidmintz.org/

$world =~ s|<bush[^>]*>.+</bush>||is;
Oh yeah, I could also use help writing a regex to match strings like
"<bush />" but I'm hoping it will be moot by Tuesday.
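
Added example, not part of the original post: one way to make % and _ match literally is to escape the LIKE wildcards with an explicit ESCAPE character and bind the result as a parameter, so the SQL string-literal escaping layer never enters the picture. The names escape_like(), search() and the items table are hypothetical, the '!' escape character is an arbitrary choice, and an in-memory SQLite database (PHP 7+ with pdo_sqlite) stands in for MySQL so the sample runs offline.

```php
<?php
// Added example: names and sample rows are constructed for illustration.

/**
 * Escape LIKE metacharacters so user input is matched literally.
 * strtr() replaces in a single pass, so the escape character that is
 * inserted in front of % or _ is not itself escaped a second time.
 */
function escape_like(string $input, string $esc = '!'): string
{
    return strtr($input, [
        $esc => $esc . $esc,   // the escape character itself
        '%'  => $esc . '%',    // any-length wildcard
        '_'  => $esc . '_',    // single-character wildcard
    ]);
}

/**
 * Substring search. The only wildcards in the pattern are the two the
 * application adds; everything the user typed is literal.
 */
function search(PDO $pdo, string $term): array
{
    // '!' avoids the quoting trouble a backslash causes inside a MySQL
    // string literal, and the same clause works in MySQL and SQLite.
    $stmt = $pdo->prepare(
        "SELECT name FROM items WHERE name LIKE ? ESCAPE '!' ORDER BY name"
    );
    $stmt->execute(['%' . escape_like($term) . '%']);
    return $stmt->fetchAll(PDO::FETCH_COLUMN);
}

// Constructed sample data.
$pdo = new PDO('sqlite::memory:');
$pdo->setAttribute(PDO::ATTR_ERRMODE, PDO::ERRMODE_EXCEPTION);
$pdo->exec('CREATE TABLE items (name TEXT)');
$ins = $pdo->prepare('INSERT INTO items (name) VALUES (?)');
foreach (['100% cotton', '100 percent', 'snake_case', 'snakeXcase', 'wow!'] as $n) {
    $ins->execute([$n]);
}

// Each search term contains a character that would otherwise be special.
foreach (['100%', 'e_c', '!'] as $term) {
    echo $term, ' => ', implode(', ', search($pdo, $term)), PHP_EOL;
}
```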


