SQL escape string function

Escapes special characters in a string for use in an SQL statement. howewer it check get_magic_quotes_gpc function is enable or no. if true , it strips string from slashes and escaped string from special characters in a string for use in an SQL statement.

function sql_escape_string( $str, $conn = '' )
{
   if ( get_magic_quotes_gpc() )
      $str = stripslashes( $str );
   //check if this function exists
   if ( function_exists( "mysql_real_escape_string" ) and $conn )
      $str = mysql_real_escape_string( $str, $conn );
   else
      $str = addslashes( $str ); //for PHP version < 4.3.0 use addslashes
   return $str;
}

Tags

No tag here.

Recommended pages

PHP subwords() Function...

Function subwords, gets words by max num....

Encrypt and Decrypt function with different outputs...

Encrypt function return different value with each execute but decrypt function return input value. for example: first execute: encrypt('hello') => 'axxdfg34', decrypt('axxdfg34') return 'hello'...

Extract numbers from a unicode string...

Quick extract numbers from a unicode string......

Number Format...

Format a number with grouped thousands......