What PHP function is used to escape special characters in a string for use in an SQL statement? code example

Example 1: php escape string

The real_escape_string() / mysqli_real_escape_string() function escapes special characters in a string for use in an SQL query, taking into account the current character set of the connection.

Object-oriented style:
$mysqli->real_escape_string(escapestring)

$mysqli = new mysqli("localhost", "my_user", "my_password", "my_db");

// Escape special characters, if any
$firstname = $mysqli->real_escape_string($_POST['firstname']);
$lastname = $mysqli->real_escape_string($_POST['lastname']);
$age = $mysqli->real_escape_string($_POST['age']);

Procedural style:
mysqli_real_escape_string(connection, escapestring)

$con = mysqli_connect("localhost", "my_user", "my_password", "my_db");

// Escape special characters, if any
$firstname = mysqli_real_escape_string($con, $_POST['firstname']);
$lastname = mysqli_real_escape_string($con, $_POST['lastname']);
$age = mysqli_real_escape_string($con, $_POST['age']);
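
The same three fields handled with an explicit connection charset, integer validation and a prepared statement, as an added example that is not part of the original page. It assumes a MySQL server reachable with the page's placeholder credentials and a hypothetical table persons(firstname, lastname, age); the sample input is constructed.

```php
<?php
// Added example. Assumes a MySQL server reachable with the page's placeholder
// credentials and a hypothetical table persons(firstname, lastname, age INT).
mysqli_report(MYSQLI_REPORT_ERROR | MYSQLI_REPORT_STRICT); // throw on errors

// Constructed sample input standing in for $_POST.
$input = ['firstname' => 'Miles', 'lastname' => "O'Brien", 'age' => '41'];

$mysqli = new mysqli("localhost", "my_user", "my_password", "my_db");
// Set the charset through the API (not a "SET NAMES" query) so that
// real_escape_string() escapes for the charset actually in use.
$mysqli->set_charset("utf8mb4");

// Escaping only protects a value that is placed inside quotes in the SQL text.
$escaped = $mysqli->real_escape_string($input['lastname']);
echo "Escaped value as a quoted literal: '$escaped'\n";

// Numeric fields: validate instead of escaping. Escaping changes nothing in a
// string without special characters, so it does not make a value a number.
$age = filter_var($input['age'], FILTER_VALIDATE_INT,
    ['options' => ['min_range' => 0, 'max_range' => 150]]);
if ($age === false) {
    exit("age must be an integer between 0 and 150\n");
}

// Prepared statement: values travel separately from the SQL text, so no
// escaping or quoting is needed. "ssi" = string, string, integer.
$firstname = $input['firstname'];
$lastname = $input['lastname'];
$stmt = $mysqli->prepare(
    "INSERT INTO persons (firstname, lastname, age) VALUES (?, ?, ?)");
$stmt->bind_param("ssi", $firstname, $lastname, $age);
$stmt->execute();
echo "Inserted rows: {$stmt->affected_rows}\n";

$stmt->close();
$mysqli->close();
```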

Example 2: escape-character-in-sql-server

To escape a single quote in SQL Server, put another single quote
in front of the one that you're trying to escape.

e.g. select 'it''s escaped'
