(PHP4 & gt; 4.3.0, PHP5) mysql_real_escape_string & nbsp; & mdash; & nbsp; escape special characters in strings used in SQL statements, and take into account the connected current character set & nbsp; description: string & nbsp; mysql_real_escape_str
(PHP 4> = 4.3.0, PHP 5)
Mysql_real_escape_string? -? Escape special characters in strings used in SQL statements, and take into account the connected current character set
? Description string?
Mysql_real_escape_string? (? String?
$unescaped_string
? [,? Resource?
$link_identifier
?] )
This function will?unescaped_string
? Can be safely used? Mysql_query ().
Note:?Mysql_real_escape_string ()? Not escape?%? And?_.
Example #1?Mysql_real_escape_string ()? Example
$item?=?"Zak's?and?Derick's?Laptop";
$escaped_item?=?mysql_real_escape_string($item);
printf?("Escaped?string:?%s\n",?$escaped_item);
?>
The above example will generate the following output:
Escaped string: Zak\'s and Derick\'s Laptop
See? Mysql_escape_string ()? And?Mysql_character_set_name ().
Example:
$ Content = mysql_real_escape_string ($ content );
Pass $ content that contains html text into the function. The Returned text string is a string that has been escaped and can be correctly inserted into the database, otherwise, text containing special html characters cannot be directly inserted into the database.
Note: html content can be correctly output without any processing when retrieving data from the database!