You are here

function db_escape_string in Drupal 5

Same name in this branch
  1. 5 includes/database.mysqli.inc \db_escape_string()
  2. 5 includes/database.mysql.inc \db_escape_string()
  3. 5 includes/database.pgsql.inc \db_escape_string()
Same name and namespace in other branches
  1. 4 includes/database.mysqli.inc \db_escape_string()
  2. 4 includes/database.mysql.inc \db_escape_string()
  3. 4 includes/database.pgsql.inc \db_escape_string()
  4. 6 includes/database.mysqli.inc \db_escape_string()
  5. 6 includes/database.mysql.inc \db_escape_string()
  6. 6 includes/database.pgsql.inc \db_escape_string()

Prepare user input for use in a database query, preventing SQL injection attacks.

Related topics

4 calls to db_escape_string()
system_update_151 in modules/system/system.install
tablesort_sql in includes/tablesort.inc
Create an SQL sort clause.
update_convert_table_utf8 in ./update.php
Convert a single MySQL table to UTF-8.
_db_query_callback in includes/database.inc
Helper function for db_query().

File

includes/database.mysqli.inc, line 382
Database interface code for MySQL database servers using the mysqli client libraries. mysqli is included in PHP 5 by default and allows developers to use the advanced features of MySQL 4.1.x, 5.0.x and beyond.

Code

function db_escape_string($text) {
  global $active_db;
  return mysqli_real_escape_string($active_db, $text);
}