Search DaTutorials:  
HOME
Php Tutorials
Articles
Basics
Date and Time
File Manipulations
Forms
Functions
General
Interactivity
MySql
Navigation
News,Shoutboxes and Blogs
Language Structure and Data Types
Searching
Security
String Manipulation
User Information and Stats
Search For a Tutorial
Php Reference

mysql_real_escape_string

(PHP 4 >= 4.3.0, PHP 5)

mysql_real_escape_string --  Escapes special characters in a string for use in a SQL statement, taking into account the current charset of the connection.

Description

string mysql_real_escape_string ( string unescaped_string [, resource link_identifier])

This function will escape special characters in the unescaped_string, taking into account the current charset of the connection so that it is safe to place it in a mysql_query().

Note: mysql_real_escape_string() does not escape % and _.

Example 1. mysql_real_escape_string() example

<?php
$link = mysql_connect('localhost', 'mysql_user', 'mysql_password');
if (!$link) {
   die('Could not connect: ' . mysql_error());
}
$item = "Zak's and Derick's Laptop";
$escaped_item = mysql_real_escape_string($item, $link);
printf("Escaped string: %s\n", $escaped_item);
?>

The above example would produce the following output: 

Escaped string: Zak\'s and Derick\'s Laptop

See also mysql_escape_string() and mysql_client_encoding().



Copyright © 2001-2004 The PHP Group
All rights reserved.

     Increase Web Site Traffic | Credit Cards | The eBay Song | 0 Credit Cards | Webmaster forum
Home     Link To Us     Ad With Us     Contact Us     Tell A Friend     Affiliates     Blog     MsOfficeHelp