maxdb_real_escape_string

maxdb::real_escape_string

(PECL maxdb >= 1.0)

maxdb_real_escape_string -- maxdb::real_escape_stringEscapes special characters in a string for use in an SQL statement, taking into account the current charset of the connection

说明

过程化风格

maxdb_real_escape_string ( resource $link , string $escapestr ) : string

面向对象风格

maxdb::real_escape_string ( string $escapestr ) : string

This function is used to create a legal SQL string that you can use in an SQL statement. The string escapestr is encoded to an escaped SQL string, taking into account the current character set of the connection.

Characters encoded are ', ".

返回值

Returns an escaped string.

范例

Example #1 面向对象风格

<?php
$maxdb 
= new maxdb("localhost""MONA""RED""DEMODB");

/* check connection */
if (maxdb_connect_errno()) {
   
printf("Connect failed: %s\n"maxdb_connect_error());
   exit();
}

$maxdb->query("CREATE TABLE temp.mycity LIKE hotel.city");

$city "'s Hertogenbosch";

/* this query will fail, cause we didn't escape $city */
if (!$maxdb->query("INSERT into temp.mycity VALUES ('11111','$city','NY')")) {
   
printf("Error: %s\n"$maxdb->sqlstate);
}

$city $maxdb->real_escape_string($city);

/* this query with escaped $city will work */
if ($maxdb->query("INSERT into temp.mycity VALUES ('22222','$city','NY')")) {
   
printf("%d Row inserted.\n"$maxdb->affected_rows);
}

$maxdb->close();
?>

Example #2 过程化风格

<?php
$link 
maxdb_connect("localhost""MONA""RED""DEMODB");

/* check connection */
if (maxdb_connect_errno()) {
   
printf("Connect failed: %s\n"maxdb_connect_error());
   exit();
}

maxdb_query($link"CREATE TABLE temp.mycity LIKE hotel.city");

$city "'s Hertogenbosch";

/* this query will fail, cause we didn't escape $city */
if (!maxdb_query($link"INSERT into temp.mycity VALUES ('11111','$city','NY')")) {
   
printf("Error: %s\n"maxdb_sqlstate($link));
}

$city maxdb_real_escape_string($link$city);

/* this query with escaped $city will work */
if (maxdb_query($link"INSERT into temp.mycity VALUES ('22222','$city','NY')")) {
   
printf("%d Row inserted.\n"maxdb_affected_rows($link));
}

maxdb_close($link);
?>

以上例程的输出类似于:

Warning: maxdb_query(): -5016 POS(43) Missing delimiter: ) <...>
Error: 42000
1 Row inserted.

参见

相关文章
php cubrid mysql 兼容性函数 return the current cubrid connection charsetphp cubrid 函数 return the current cubrid connection charsetphp cubrid mysql 兼容性函数 escape special characters in a string for use in an sql statementphp ibm db2 函数 prepares an sql statement to be executedphp ibm db2 函数 returns a string containing the sqlstate returned by an sql statementphp ibm db2 函数 returns a string containing the last sql statement error messagephp dbx 函数 escape a string so it can safely be used in an sql statementphp informix 函数 writes a string into the slob objectphp ingres 函数 escape special characters for use in a queryphp maxdb 函数 closes a previously opened database connectionphp maxdb 函数 returns a string representing the type of connection usedphp maxdb 函数 prepare an sql statement for executionphp maxdb 函数 escapes special characters in a string for use in an sql statement taking into account the current charset of the connectionphp maxdb 函数 returns a string description for last statement errorphp maxdb 函数 fetch results from a prepared statement into the bound variablesphp maxdb 函数 initializes a statement and returns an resource for use with maxdb stmt preparephp maxdb 函数 prepare an sql statement for executionphp maxdb 函数 returns the thread id for the current connectionphp sqlite 函数 escapes a string for use as a query parameterphp mysqlnduhconnection escapes special characters in a string for use in an sql statement taking into account the current charset of the connection
关注编程学问公众号