I am working on a site, and since MS SQL costs money, I am stuck with MySQL, which means running functions as strings (which I am still completely against!)
Now, to avoid SQL injection, I use mysql_real_escape_string(), however, since I am working with Joomla, there is a chance some data I use will be passed around to other functions, and there is a small chance that they too may use the same function for cleaning strings.
Is there any way to know or prevent if a string is “mysql cleaned” twice?
