db_escape_string

From Online Manual

Jump to: navigation, search

Usage:

$smcFunc['db_escape_string'] (uncleaned_string)


Description: Escapes strings for insertion into the database. The function does not require a database connection.
For MySQL addslashes is used, while for PostgreSQL pg_escape_string and for SQLite sqlite_escape_string as used.

Parameters:

  • uncleaned_string the string to be escaped.

Return: the escaped string.

Example:

// Add slashes to every element, even the indexes!
foreach ($var as $k => $v)
	$new_var[$smcFunc['db_escape_string']($k)] = escapestring__recursive($v);