No edit summary |
No edit summary |
||
| Line 1: | Line 1: | ||
{{smcfunc | {{smcfunc | ||
|function=db_escape_string | |function=db_escape_string | ||
|internal=true | |||
|usage=$smcFunc['db_escape_string'] (uncleaned_string) | |usage=$smcFunc['db_escape_string'] (uncleaned_string) | ||
|description=Escapes strings for insertion into the database. The function does not require a database connection.<br>For MySQL [http://php.net/manual/en/function.addslashes.php addslashes] is used, while for PostgreSQL [http://php.net/manual/en/function.pg-escape-string.php pg_escape_string] and for SQLite [http://php.net/manual/en/function.sqlite-escape-string.php sqlite_escape_string] as used. | |description=Escapes strings for insertion into the database. The function does not require a database connection.<br>For MySQL [http://php.net/manual/en/function.addslashes.php addslashes] is used, while for PostgreSQL [http://php.net/manual/en/function.pg-escape-string.php pg_escape_string] and for SQLite [http://php.net/manual/en/function.sqlite-escape-string.php sqlite_escape_string] as used. | ||
Revision as of 07:52, 11 October 2012
Usage:
$smcFunc['db_escape_string'] (uncleaned_string)
 |
This function should never be used outside the database abstraction layer (Db-*.php or Subs-Db-*.php files) |
Description: Escapes strings for insertion into the database. The function does not require a database connection.
For MySQL addslashes is used, while for PostgreSQL pg_escape_string and for SQLite sqlite_escape_string as used.
Parameters:
- uncleaned_string the string to be escaped.
Return: the escaped string.
Example:
// Add slashes to every element, even the indexes! foreach ($var as $k => $v) $new_var[$smcFunc['db_escape_string']($k)] = escapestring__recursive($v);
