The example in this article describes the usage of the mysql_escape_string() function. Share it with everyone for your reference, the details are as follows:
Use mysql_escape_string() to encode the data in question in the query:
There are some data such as:
char query(1024); sprintf (query, "select * from my_tbl where name = '%s'",name);
If at this time, name contains data such as: "0'Malley,Brian", such a query statement will be generated: select * from my_tbl where name = '0'Malley,Brian', which will cause an error. of production.
The process of calling mysql_escape_string() is as follows:
my $item = "aaa's bbb" my $escape_item = mysql_escape_string($item);
At this time, the content of escape_item is: aaa's bbb
PS: This function has been deprecated in PHP5.3, so you only need to know about this function and its use is not recommended.
Readers who are interested in more PHP-related content can check out the special topics of this site: "php programming security tutorial", "php security filtering skills summary", "Summary of PHP operations and operator usage", "Summary of PHP network programming skills", "PHP basic syntax introductory tutorial", "PHP operating office document skills Summary (including word, excel, access, ppt) ", "php object-oriented programming introductory tutorial ", "php string (string) usage summary ", " php mysql database operation introductory tutorial" and "php common database operation skills summary"
I hope this article will be helpful to everyone in PHP programming.
![[Web front-end] Node.js quick start](https://img.php.cn/upload/course/000/000/067/662b5d34ba7c0227.png)
