API@RTK0.NET

db_escape_string

• Drupal 4.7
• Drupal 5

1. drupal
   1. 4.7
   2. 4.7 database.pgsql.inc
   3. 4.7 database.mysql.inc
   4. 5
   5. 5 database.pgsql.inc
   6. 5 database.mysql.inc
   7. 6 database.mysql.inc
   8. 6 database.pgsql.inc
   9. 6 database.mysqli.inc

Prepare user input for use in a database query, preventing SQL injection attacks.

Related topics

Database abstraction layer

Allow the use of different database servers using the same code base.

Code

includes/database.mysqli.inc, line 335

<?php
function db_escape_string($text) {
  global $active_db;
  return mysqli_real_escape_string($active_db, $text);
}
?>