RENDER() { <>
String query = "SELECT * FROM :table WHERE x = :val";
StringMap params;
params["table"] = "TableName";
params["val"] = "Dubious\\Value'Name\nwith;breaks";
MySQL con;
if(con.connect("localhost", "root", ""))
{
print("error: "+con.error()+"\n");
print("quotation test: "+con.escape("‘\"' or 1=1;–.")+"\n");
print("query parse: "+con.parse_query_parameters(query, params)+"\n");
print(var_dump(con.query("SHOW DATABASES")));
con.query("USE mysql");
?>
SELECT * FROM user table
print(var_dump(con.query("SELECT * FROM user")));
}
?>
= var_dump(context->params) ?>> }