mysql_escape_string() Function in PHP
What is mysql_escape_string() function in PHP?
How does mysql_escape_string() works?
Explanation
Mysql function mysql_escape_string() replaces characters such as %,_ and NULL that have a special meaning in MySQL with an escape sequence. The function is used to escape the individual values for a query, rather than an entire query string.
Syntax
This function is identical to mysql_real_escape_string() except that mysql_real_escape_string() takes a connection handler and escapes the string according to the current character set. mysql_escape_string() does not take a connection argument and does not respect the current charset setting. This function doesnot escape % and _.
Example:
In the above example string contain special characted single quotes, it is escaped by passing the string to mysql_escape_string() function. Here single quotes is espaced by adding a slash before characted to display the string as such.
RESULT:
Escaped string: Zak's Laptop
See also: mysql_real_escape_string()
Syntax
string mysql_escape_string ( string unescaped_string)
This function is identical to mysql_real_escape_string() except that mysql_real_escape_string() takes a connection handler and escapes the string according to the current character set. mysql_escape_string() does not take a connection argument and does not respect the current charset setting. This function doesnot escape % and _.
Example:
| <?php $item = "Zak's Laptop"; $escaped_item = mysql_escape_string($item); printf("Escaped string: %sn", $escaped_item); ?> |
In the above example string contain special characted single quotes, it is escaped by passing the string to mysql_escape_string() function. Here single quotes is espaced by adding a slash before characted to display the string as such.
RESULT:
Escaped string: Zak's Laptop
See also: mysql_real_escape_string()
