Found that including " or ' in a MySQL query can cause things to destruct. When I looked into it more, I also found it's a security hole. My original description was too long so it's in the attached PDF. The main part of it is: "I'd like an elegant way to handle all of this. I do not want to use mysql_real_escape_string, because that function requires a connection to a separate mysql server and slows things down. I'd like someone ot fix/improve the above and explain the improvement. I don't want to end up with escaped slashes when retrieving it back from the database."
1) Complete and fully-functional working program(s) in executable form as well as complete source code of all work done.
2) Deliverables must be in ready-to-run condition, as follows? (depending on the nature? of the deliverables):
a)? For web sites or? other server-side deliverables intended to only ever exist in one place in the Buyer's environment--Deliverables must be installed by the Seller in ready-to-run condition in the Buyer's environment.
b) For all others including desktop software or software the buyer intends to distribute: A software? installation package that will install the software in ready-to-run condition on the platform(s) specified in this bid request.
3) All deliverables will be considered "work made for hire" under U.S. Copyright law. Buyer will receive exclusive and complete copyrights to all work purchased. (No GPL, GNU, 3rd party components, etc. unless all copyright ramifications are explained AND AGREED TO by the buyer on the site per the coder's Seller Legal Agreement).
MySQL and PHP