Protection against SQL injection attacks in PHP.
Early on, PHP had no good methods for escaping SQL, and until recently it didn’t support parameterized queries. As a result, a lot of documentation covers SQL queries without really addressing the issue, and a lot of older PHP developers are unaware of the enhancements made to prevent this type of attack.
PHP 4.3 introduced mysql_real_escape_string […]