You are here

function db_escape_string in Drupal 4

Same name in this branch

4 includes/database.mysqli.inc \db_escape_string()
4 includes/database.mysql.inc \db_escape_string()
4 includes/database.pgsql.inc \db_escape_string()

Same name and namespace in other branches

5 includes/database.mysqli.inc \db_escape_string()
5 includes/database.mysql.inc \db_escape_string()
5 includes/database.pgsql.inc \db_escape_string()
6 includes/database.mysqli.inc \db_escape_string()
6 includes/database.mysql.inc \db_escape_string()
6 includes/database.pgsql.inc \db_escape_string()

Prepare user input for use in a database query, preventing SQL injection attacks.

Related topics

Database abstraction layer: Allow the use of different database servers using the same code base.

5 calls to db_escape_string()

node_load in modules/node.module: Load a node object from the database.
system_update_151 in database/updates.inc
tablesort_sql in includes/tablesort.inc: Create an SQL sort clause.
update_convert_table_utf8 in ./update.php: Convert a single MySQL table to UTF-8.
_db_query_callback in includes/database.inc: Helper function for db_query().

File

includes/database.mysql.inc, line 342: Database interface code for MySQL database servers.

Code

function db_escape_string($text) {
  global $active_db;
  return mysql_real_escape_string($text, $active_db);
}