Php/docs/function.mysql-escape-string
mysql_escape_string
(PHP 4 >= 4.0.3, PHP 5)
mysql_escape_string — Escapes a string for use in a mysql_query
Warning This function was deprecated in PHP 4.3.0, and it and the entire original MySQL extension was removed in PHP 7.0.0. Instead, use either the actively developed MySQLi or PDO_MySQL extensions. See also the MySQL: choosing an API guide and its related FAQ entry for additional information. Alternatives to this function include:
Description
mysql_escape_string
( string $unescaped_string
) : string
This function will escape the unescaped_string
,
so that it is safe to place it in a mysql_query().
This function is deprecated.
This function is identical to mysql_real_escape_string() except that mysql_real_escape_string() takes a connection handler and escapes the string according to the current character set. mysql_escape_string() does not take a connection argument and does not respect the current charset setting.
Parameters
unescaped_string
- The string that is to be escaped.
Return Values
Returns the escaped string.
Examples
Example #1 mysql_escape_string() example
<?php$item = "Zak's Laptop";$escaped_item = mysql_escape_string($item);printf("Escaped string: %s\n", $escaped_item);?>
The above example will output:
Escaped string: Zak\'s Laptop
Notes
Note:
mysql_escape_string() does not escape
%
and_
.
See Also
- mysql_real_escape_string() - Escapes special characters in a string for use in an SQL statement
- addslashes() - Quote string with slashes
- The magic_quotes_gpc directive.