SQL escape string function

Escapes special characters in a string for use in an SQL statement. howewer it check get_magic_quotes_gpc function is enable or no. if true , it strips string from slashes and escaped string from special characters in a string for use in an SQL statement.

function sql_escape_string( $str, $conn = '' )
{
   if ( get_magic_quotes_gpc() )
      $str = stripslashes( $str );
   //check if this function exists
   if ( function_exists( "mysql_real_escape_string" ) and $conn )
      $str = mysql_real_escape_string( $str, $conn );
   else
      $str = addslashes( $str ); //for PHP version < 4.3.0 use addslashes
   return $str;
}

Tags

No tag here.
Short link to this page: vtwo.org/16891156
یا کپی به این صفحه

Recommended pages

Detect file extension function...

This function is used to find the file extension also you can use pathinfo() function for get information about a file path. function ext($file_name) { return substr($file_name, strrpos($fi...

Random string generator...

Random string generator. Optionally, you can give it a desired string length. function rnd_string($len = 24) { $str = "0123456789abcdefghijklmnopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWXYZ"; $str...

Delete file function...

If file exists then delete the file. function delFile( $file_name ) { if ( file_exists( $file_name ) ) // Does '$file_name' exist { unlink( $file_name ); return true; } ...

Parse a string into separate words...

Parse a string into separate words (array output). function parser($str, $char = ' ') { $str = trim($str); $str = $str . $char; $len = strlen($str); $words = array(); $w = '...