SQL escape string function

Escapes special characters in a string for use in an SQL statement. howewer it check get_magic_quotes_gpc function is enable or no. if true , it strips string from slashes and escaped string from special characters in a string for use in an SQL statement.

function sql_escape_string( $str, $conn = '' )
{
   if ( get_magic_quotes_gpc() )
      $str = stripslashes( $str );
   //check if this function exists
   if ( function_exists( "mysql_real_escape_string" ) and $conn )
      $str = mysql_real_escape_string( $str, $conn );
   else
      $str = addslashes( $str ); //for PHP version < 4.3.0 use addslashes
   return $str;
}

Tags

No tag here.
Short link to this page: vtwo.org/16891156
یا کپی به این صفحه

Recommended pages

Change timestamp to custom format...

Use this function for change timestamp to custom format......

Gregorian to Persian Date Convertor...

Gregorian to Persian Date Convertor....

How to created mixed arguments function...

This way useful for create mixed arguments function. function foo() { $args = func_get_args(); print_r($args); }   foo(1, 1256, 6, 17); //mixed ...   -------------------Out-...

Validate phone number...

Chek if a phone numbers is valid, according to its syntax (should be: "+390523599314"). True if it's valid, False otherwise function is_valid_phone( $phone ) { if ( $phone[0] != "+" ) { ...