The example in this article describes the usage of mysql_escape_string() function. Share it with everyone for your reference, the details are as follows:
Use mysql_escape_string() to encode the data in question in the query:
There are some data such as:
char query(1024); sprintf (query, "select * from my_tbl where name = '%s'",name);
If at this time, name contains data such as: "0'Malley,Brian", such a query statement will be generated: select * from my_tbl where name = '0'Malley,Brian', which will cause an error. of production.
The process of calling mysql_escape_string() is as follows:
my $item = "aaa's bbb" my $escape_item = mysql_escape_string($item);
At this time, the content of escape_item is: aaa's bbb
PS: This function has been deprecated in PHP5.3, so you only need to know about this function and its use is not recommended.
Readers who are interested in more PHP related content can check out the special topics of this site: "php programming security tutorial", "php security filtering skills summary", PHP operations and operator usage summary", PHP network programming skills Summary", "Introduction Tutorial on PHP Basic Syntax", "Summary of PHP Office Document Operation Skills (Including Word, Excel, Access, PPT)", "Introduction Tutorial on PHP Object-Oriented Programming", "Summary of PHP String Usage" , "Introduction Tutorial on PHP MySQL Database Operation" and "Summary of Common PHP Database Operation Skills"
I hope this article will be helpful to everyone in PHP programming.
![[Web front-end] Node.js quick start](https://img.php.cn/upload/course/000/000/067/662b5d34ba7c0227.png)
