BugTraq
Re: DB_eSession deleteSession() SQL injection May 01 2006 10:07PM
interact interactimpact com
I think the solution below is a better and safer approach.

Replace addslashes() with mysql_real_escape_string():

$_sess_id_set = ( empty($_sess_id_set) ) ? NULL: mysql_real_escape_string($_sess_id_set);
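
A different hardening for the same delete, as an added example that is not part of the original post or DB_eSession's own code: bind the session ID as a statement parameter instead of escaping it (the mysql_* functions, including mysql_real_escape_string(), were removed in PHP 7.0). The `sessions` table, `sess_id` column, the PDO/SQLite setup and the sample IDs are assumptions constructed for this demonstration.

```php
<?php
declare(strict_types=1);
// Added example, not DB_eSession code. Table and column names are hypothetical.

function deleteSession(PDO $db, ?string $sessId): int
{
    // Mirror the post's empty() guard: nothing to delete without an ID.
    if ($sessId === null || $sessId === '') {
        return 0;
    }
    // The ID is bound as data and never concatenated into the SQL text,
    // so no escaping function or connection charset is involved.
    $stmt = $db->prepare('DELETE FROM sessions WHERE sess_id = :id');
    $stmt->execute([':id' => $sessId]);
    return $stmt->rowCount(); // number of rows actually deleted
}

// Constructed demo data in an in-memory SQLite database (needs pdo_sqlite).
$db = new PDO('sqlite::memory:');
$db->setAttribute(PDO::ATTR_ERRMODE, PDO::ERRMODE_EXCEPTION);
$db->exec('CREATE TABLE sessions (sess_id TEXT PRIMARY KEY, data TEXT)');

$own   = str_repeat('a', 32); // constructed session IDs
$other = str_repeat('b', 32);
$ins = $db->prepare('INSERT INTO sessions (sess_id, data) VALUES (?, ?)');
$ins->execute([$own, 'user=alice']);
$ins->execute([$other, 'user=bob']);

// Constructed inputs: a quote-breaking string, an empty value, a real ID.
$inputs = [
    'quote-breaking input' => "x' OR '1'='1",
    'empty value'          => '',
    'valid id'             => $own,
];

foreach ($inputs as $label => $id) {
    $deleted = deleteSession($db, $id);
    $left = (int) $db->query('SELECT COUNT(*) FROM sessions')->fetchColumn();
    // Only the exact matching ID removes a row; other sessions stay intact.
    printf("%-22s deleted=%d remaining=%d\n", $label, $deleted, $left);
}
```

Checking the returned row count also gives the caller a signal worth logging: a delete request for an ID that matches no session is unusual in normal operation.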

Copyright 2010, SecurityFocus