db_escape_string

5 database.pgsql.inc db_escape_string($text)
5 database.mysql.inc db_escape_string($text)
5 database.mysqli.inc db_escape_string($text)
6 database.mysql.inc db_escape_string($text)
6 database.pgsql.inc db_escape_string($text)
6 database.mysqli.inc db_escape_string($text)

Prepare user input for use in a database query, preventing SQL injection attacks.

Related topics

Database abstraction layer
Allow the use of different database servers using the same code base.

1 call to db_escape_string()

File

includes/database.mysql.inc, line 327
Database interface code for MySQL database servers.

Code

function db_escape_string($text) {
  global $active_db;
  return mysql_real_escape_string($text, $active_db);
}
Login or register to post comments