If I use tilde (`) instead of normal double and single quotes (' and ") in my queries to surround strings, etc, will I need to escape these with a backslash? I think that mysql_real_escape_string does not do it.
[Resolved] do you need to escape tilde to stop injection attacks?
hmm... you're dynamically selecting columns/tables?
Instead of allowing user input to directly contain the name of the column/table, it is safer to hardcode the values, and determine which to use based on user input.
Oh, how silly of me. Probably a better idea.
Thanks.