How does it make you feel?


$file_id = $db->escape_string(md5_file($file));

>>6
escape_string() is a mysqli method equivalent to mysqli_real_escape_string. So basically, the md5 sum is escaped before database insertion.
And so the question is, what's the point in escaping md5 checksums?