php escape string
snippet in php

php escape string


The real_escape_string() / mysqli_real_escape_string() function escapes special characters in a string for use in an SQL query, taking into account the current character set of the connection.

Object oriented style:
$mysqli -> real_escape_string(escapestring)
$mysqli = new mysqli("localhost","my_user","my_password","my_db");

// Escape special characters, if any
$firstname = $mysqli -> real_escape_string($_POST['firstname']);
$lastname = $mysqli -> real_escape_string($_POST['lastname']);
$age = $mysqli -> real_escape_string($_POST['age']);

Procedural style:
mysqli_real_escape_string(connection, escapestring)
$con = mysqli_connect("localhost","my_user","my_password","my_db");

// Escape special characters, if any
$firstname = mysqli_real_escape_string($con, $_POST['firstname']);
$lastname = mysqli_real_escape_string($con, $_POST['lastname']);
$age = mysqli_real_escape_string($con, $_POST['age']);

addslashes php


$str = addslashes('What does "yolo" mean?');