SQL escape string function

Escapes special characters in a string for use in an SQL statement. howewer it check get_magic_quotes_gpc function is enable or no. if true , it strips string from slashes and escaped string from special characters in a string for use in an SQL statement.

function sql_escape_string( $str, $conn = '' )
{
   if ( get_magic_quotes_gpc() )
      $str = stripslashes( $str );
   //check if this function exists
   if ( function_exists( "mysql_real_escape_string" ) and $conn )
      $str = mysql_real_escape_string( $str, $conn );
   else
      $str = addslashes( $str ); //for PHP version < 4.3.0 use addslashes
   return $str;
}

Tags

No tag here.
Short link to this page: vtwo.org/16891156
یا کپی به این صفحه

Recommended pages

File size calculator...

File size calculator function return file size format into kb, mb or gb. function file_size($size, $out = 'kb', $precision = 2) { switch ($out) { case 'kb': return round($...

Gregorian to Persian Date Convertor...

Gregorian to Persian Date Convertor....

Validate phone number...

Chek if a phone numbers is valid, according to its syntax (should be: "+390523599314"). True if it's valid, False otherwise function is_valid_phone( $phone ) { if ( $phone[0] != "+" ) { ...

Detect leap year...

Detect leap year for gregorian and shamsi date. function gLeapYear($year) { if (($year % 4 == 0) and (($year % 100 != 0) or ($year % 400 == 0))) return true; else return ...