This is a safe way to structure mysql_query in PHP

, , , , - , :

INSERT INTO user (password, username) VALUES (abc1234fg00000, admin);

, . , ....

mysql , . , INSERT. , , insert, , . , - POST , ( , magic_quotes, ).

OTOH, , -

"SELECT 1 
FROM users
WHERE username='" . $_POST['username'] . "'
AND password='" . sha1($_POST['username'] . "';";

$_POST ['username'] "admin" 1, .

mysql_real_escape_string(), (, sha1, bas64_encode.... NOT addslashes)

.

, magic_quotes_gpc.
var_dump(ini_get('magic_quotes_gpc')); phpinfo();

, , . .