You are here

Home » API reference » Drupal 6 » database.mysql.inc

function db_escape_string in Drupal 6

Same name in this branch
  1. 6 includes/database.mysqli.inc \db_escape_string()
  2. 6 includes/database.mysql.inc \db_escape_string()
  3. 6 includes/database.pgsql.inc \db_escape_string()
Same name and namespace in other branches
  1. 4 includes/database.mysqli.inc \db_escape_string()
  2. 4 includes/database.mysql.inc \db_escape_string()
  3. 4 includes/database.pgsql.inc \db_escape_string()
  4. 5 includes/database.mysqli.inc \db_escape_string()
  5. 5 includes/database.mysql.inc \db_escape_string()
  6. 5 includes/database.pgsql.inc \db_escape_string()

Prepare user input for use in a database query, preventing SQL injection attacks.

Related topics

Database abstraction layer
Allow the use of different database servers using the same code base.
1 call to db_escape_string()
_db_query_callback in includes/database.inc
Helper function for db_query().

File

includes/database.mysql.inc, line 327
Database interface code for MySQL database servers.

Code

function db_escape_string($text) {
  global $active_db;
  return mysql_real_escape_string($text, $active_db);
}