:sig
String mysql_escape(String raw, char quote_char)

:params
raw : the string to be escaped
quote_char : the character that should be used to wrap the string (pass NULL for no wrapping)
return value : the safe version of the 'raw' string

:see
>mysql

:content
Escapes a string so it can be used safely as a value inside an SQL expression.

If `quote_char` is provided, the escaped result is wrapped with that quote character. Pass `NULL` when you only want escaping without wrapping.

Related:

- PHP: modern database access through `mysqli_*` or PDO methods rather than the old `mysql_*` family
- JavaScript / Node.js: clients such as `mysql2`, query builders, or ORM adapters
