Description
string
mysql_escape_string ( string unescaped_string)
This function will escape the unescaped_string,
so that it is safe to place it in a mysql_query().
Note:
mysql_escape_string() does not escape
% and _.
This function is identical to mysql_real_escape_string() except that
mysql_real_escape_string() takes a connection handler and escapes the
string according to the current character
set. mysql_escape_string() does not take a
connection argument and does not respect the current charset setting.
Example 1. mysql_escape_string() example
<?php $item = "Zak's Laptop"; $escaped_item = mysql_escape_string($item); printf("Escaped string: %s\n", $escaped_item); ?>
|
The above example would produce the following output:
Escaped string: Zak\'s Laptop |
|
See also
mysql_real_escape_string(),
addslashes() and the
magic_quotes_gpc
directive.