21 lines
681 B
Plaintext
21 lines
681 B
Plaintext
:sig
|
|
String mysql_escape(String raw, char quote_char)
|
|
|
|
:params
|
|
raw : the string to be escaped
|
|
quote_char : the character that should be used to wrap the string (pass NULL for no wrapping)
|
|
return value : the safe version of the 'raw' string
|
|
|
|
:see
|
|
>mysql
|
|
|
|
:content
|
|
Escapes a string so it can be used safely as a value inside an SQL expression.
|
|
|
|
If `quote_char` is provided, the escaped result is wrapped with that quote character. Pass `NULL` when you only want escaping without wrapping.
|
|
|
|
Related:
|
|
|
|
- PHP: modern database access through `mysqli_*` or PDO methods rather than the old `mysql_*` family
|
|
- JavaScript / Node.js: clients such as `mysql2`, query builders, or ORM adapters
|