Name
mysql_escape_string
Synopsis
string mysql_escape_string (string input
)
Escapes
an input
string so it can be used as a
parameter to mysql_query( )
or
mysql_unbuffered_query( )
. The function returns a
copy of the input string that has any special characters escaped so
it is safe to use in an SQL query. Specifically, it escapes single
quote, double quote, NULL
, carriage return, line
feed, and SUB
(substitute) characters.
Example
<?php $person = "Steven O'Grady"; $person = mysql_escape_string($person); // Prints: Steven O\'Grady echo $person; ?>
Get Managing & Using MySQL, 2nd Edition now with the O’Reilly learning platform.
O’Reilly members experience books, live events, courses curated by job role, and more from O’Reilly and nearly 200 top publishers.