I will plan to explode a string and add pluses to the front.
Then, put it into a query WHERE title MATCH(mysql_real_escape_string($string));
Would this be enough to prevent SQL injection?
Then, put it into a query WHERE title MATCH(mysql_real_escape_string($string));
Would this be enough to prevent SQL injection?
Comment