Pages

Wednesday 19 April 2017

PHP mysql_real_escape_string() Function

mysql_real_escape_string() calls MySQL's library function mysql_real_escape_string, which prepends backslashes to the following characters: \x00, \n, \r, \, ', " and \x1a.

 This function must always (with few exceptions) be used to make data safe before sending a query to MySQL.

 Syntax:

string mysql_real_escape_string ( string $unescaped_string [, resource $link_identifier = NULL] )
Example #1 Simple mysql_real_escape_string() example
<?php// Connect$link mysql_connect('mysql_host''mysql_user''mysql_password')
    OR die(mysql_error());// Query$query sprintf("SELECT * FROM users WHERE user='%s' AND password='%s'",
            mysql_real_escape_string($user),
            mysql_real_escape_string($password));?>
Posted by at No comments:
Labels:

PHP stripcslashes() Function

The stripcslashes() function removes backslashes added by the addcslashes() function.

This function can be used to clean up data retrieved from a database or from an HTML form.

Syntax:

stripcslashes(string)

string - Required. Specifies the string to check
Posted by at No comments:
Labels:
Subscribe to: Posts (Atom)

Code Review

 SOLID Principles S – Single Responsibility Principle There should never be more than one reason for a class to change. O – Open-Closed Prin...