Name

QUOTE()

Synopsis

QUOTE(string)

This function accepts a string and returns it enclosed in single quotes, as a string that is safe to manipulate with SQL statements. Single quotes, backslashes, ASCII NUL characters, and Ctrl-Z characters contained in the string are each escaped with a backslash. This is a useful security measure when accepting values from a public web interface. Here is an example:

SELECT QUOTE(course_name) AS Courses
FROM courses
WHERE course_code = 'ENGL-405';

+---------------------+
| Courses             |
+---------------------+
| 'Works of O\'Henry' |
+---------------------+

Notice in the results that because of the QUOTE() function, the string returned is enclosed in single quotes, and the single quote within the data returned is escaped with a backslash.
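
Where QUOTE() matters most is when a statement is assembled as text inside the server, shown here as an added example that is not from the book: the table courses_demo, the procedures find_course and find_course_bound, and the sample rows are constructed for illustration. It also covers the NULL case, where QUOTE() returns the bare word NULL rather than a quoted string, and shows the bound-placeholder alternative.

```sql
-- Constructed sample data (not the book's table).
CREATE TABLE courses_demo (
  course_code VARCHAR(10) PRIMARY KEY,
  course_name VARCHAR(100)
);
INSERT INTO courses_demo VALUES
  ('ENGL-405', 'Works of O''Henry'),
  ('ENGL-101', 'Composition');

DELIMITER //
CREATE PROCEDURE find_course(IN p_name VARCHAR(100))
BEGIN
  -- Weak form, kept as a comment for contrast: the raw value becomes part
  -- of the statement text, so the apostrophe in O'Henry ends the literal
  -- early and the rest of the value is parsed as SQL.
  --   SET @sql = CONCAT('SELECT course_code FROM courses_demo ',
  --                     'WHERE course_name = ''', p_name, '''');

  -- Hardened form: QUOTE() supplies the surrounding quotes and escapes
  -- ', \, NUL and Ctrl-Z, so the value stays one string literal.
  -- QUOTE(NULL) yields the unquoted word NULL; "= NULL" never matches,
  -- so the NULL-safe operator <=> is used to keep the comparison correct.
  SET @sql = CONCAT('SELECT course_code FROM courses_demo ',
                    'WHERE course_name <=> ', QUOTE(p_name));
  PREPARE stmt FROM @sql;
  EXECUTE stmt;
  DEALLOCATE PREPARE stmt;
END//

CREATE PROCEDURE find_course_bound(IN p_name VARCHAR(100))
BEGIN
  -- Where the value can be bound, a placeholder avoids building the
  -- statement text from user data at all.
  SET @name = p_name;
  PREPARE stmt FROM
    'SELECT course_code FROM courses_demo WHERE course_name <=> ?';
  EXECUTE stmt USING @name;
  DEALLOCATE PREPARE stmt;
END//
DELIMITER ;

CALL find_course('Works of O''Henry');
CALL find_course(NULL);
CALL find_course_bound('Works of O''Henry');
```

QUOTE() only protects a value that is placed where a string literal belongs; it does not make identifiers, keywords, or numeric positions safe to build from user input.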
