+// Get id from last INSERT command and secure id
+function getSqlInsertId () {
+ if (!isSqlLinkUp()) return FALSE;
+ return bigintval(mysql_insert_id());
+}
+
+// Escape a string for the database
+function sqlEscapeString ($str, $secureString = TRUE, $strip = TRUE) {
+ // Is there cache?
+ if (!isset($GLOBALS['sql_escapes']['' . $str . ''])) {
+ // Debug message
+ //* DEBUG: */ logDebugMessage(__FUNCTION__, __LINE__, 'str=' . $str . ' - BEFORE!');
+
+ // Prepare the string here
+ $str = sqlPrepareQueryString($str);
+
+ // Debug message
+ //* DEBUG: */ logDebugMessage(__FUNCTION__, __LINE__, 'str=' . $str . ' - AFTER!');
+
+ // Secure string first? (which is the default behaviour!)
+ if ($secureString === TRUE) {
+ // Debug message
+ //* DEBUG: */ logDebugMessage(__FUNCTION__, __LINE__, 'str=' . $str . ',strip=' . intval($strip) . ' - BEFORE!');
+
+ // Then do it here
+ $str = secureString($str, $strip);
+
+ // Debug message
+ //* DEBUG: */ logDebugMessage(__FUNCTION__, __LINE__, 'str=' . $str . ',strip=' . intval($strip) . ' - AFTER!');
+ } // END - if
+
+ // Init (invalid) value
+ $ret = '!INVALID!';
+
+ if (!isSqlLinkUp()) {
+ // Fall-back to escapeQuotes() when there is no link
+ $ret = escapeQuotes($str);
+ } elseif (function_exists('mysql_real_escape_string')) {
+ // Debug message
+ //* DEBUG: */ logDebugMessage(__FUNCTION__, __LINE__, 'str=' . $str);
+
+ // The new and improved version
+ $ret = mysql_real_escape_string($str, getSqlLink());