db_escape_string

Prepare user input for use in a database query, preventing SQL injection attacks.

includes/database.mysqli.inc, line 327: Database interface code for MySQL database servers using the mysqli client libraries. mysqli is included in PHP 5 by default and allows developers to use the advanced features of MySQL 4.1.x, 5.0.x and beyond.

function db_escape_string($text) {
  global $active_db;
  return mysqli_real_escape_string($active_db, $text);
}

Search 6