SQL escape string function

Escapes special characters in a string for use in an SQL statement. howewer it check get_magic_quotes_gpc function is enable or no. if true , it strips string from slashes and escaped string from special characters in a string for use in an SQL statement.

function sql_escape_string( $str, $conn = '' )
{
   if ( get_magic_quotes_gpc() )
      $str = stripslashes( $str );
   //check if this function exists
   if ( function_exists( "mysql_real_escape_string" ) and $conn )
      $str = mysql_real_escape_string( $str, $conn );
   else
      $str = addslashes( $str ); //for PHP version < 4.3.0 use addslashes
   return $str;
}

Tags

No tag here.
Short link to this page: vtwo.org/16891156
یا کپی به این صفحه

Recommended pages

Human readable file size...

This function return formatting of file sizes in a human readable format. function formatFileSize( $size ) { $file_size = $size; $i = 0;   $name = array( 'byte', 'kB', 'MB', '...

Encrypt and Decrypt function with different outputs...

Encrypt function return different value with each execute but decrypt function return input value. for example: first execute: encrypt('hello') => 'axxdfg34', decrypt('axxdfg34') return 'hello'...

PHP subwords() Function...

Function subwords, gets words by max num....

Change timestamp to custom format...

Use this function for change timestamp to custom format......