how would i add mysql_real_escape_string() function to the $password_md5 and $username ? help would be appreciated
$query="UPDATE `users` SET `password` = '$password_md5' WHERE `username` = '$username'";
can some body give me the script for that please i forgot how to to it. a example would really help me out
$query="UPDATE users SET password = '".mysql_real_escape_string($password_md5)."' WHERE username = '".mysql_real_escape_string($username)."'";
$username = mysql_real_escape_string($_POST['username']);
$password_md5= mysql_real_escape_string(md5($_POST['password']));
$query="UPDATE `users` SET `password` = '$password_md5' WHERE `username` = '$username'";
