©
本文档使用 PHP中文网手册 发布
(PECL maxdb >= 1.0)
maxdb_real_escape_string -- maxdb::real_escape_string — Escapes special characters in a string for use in an SQL statement, taking into account the current charset of the connection
过程化风格
$link
, string $escapestr
)面向对象风格
$escapestr
)This function is used to create a legal SQL string that you can use in an SQL statement. The string escapestr is encoded to an escaped SQL string, taking into account the current character set of the connection.
Characters encoded are ', ".
Returns an escaped string.
Example #1 面向对象风格
<?php
$maxdb = new maxdb ( "localhost" , "MONA" , "RED" , "DEMODB" );
if ( maxdb_connect_errno ()) {
printf ( "Connect failed: %s\n" , maxdb_connect_error ());
exit();
}
$maxdb -> query ( "CREATE TABLE temp.mycity LIKE hotel.city" );
$city = "'s Hertogenbosch" ;
if (! $maxdb -> query ( "INSERT into temp.mycity VALUES ('11111',' $city ','NY')" )) {
printf ( "Error: %s\n" , $maxdb -> sqlstate );
}
$city = $maxdb -> real_escape_string ( $city );
if ( $maxdb -> query ( "INSERT into temp.mycity VALUES ('22222',' $city ','NY')" )) {
printf ( "%d Row inserted.\n" , $maxdb -> affected_rows );
}
$maxdb -> close ();
?>
Example #2 过程化风格
<?php
$link = maxdb_connect ( "localhost" , "MONA" , "RED" , "DEMODB" );
if ( maxdb_connect_errno ()) {
printf ( "Connect failed: %s\n" , maxdb_connect_error ());
exit();
}
maxdb_query ( $link , "CREATE TABLE temp.mycity LIKE hotel.city" );
$city = "'s Hertogenbosch" ;
if (! maxdb_query ( $link , "INSERT into temp.mycity VALUES ('11111',' $city ','NY')" )) {
printf ( "Error: %s\n" , maxdb_sqlstate ( $link ));
}
$city = maxdb_real_escape_string ( $link , $city );
if ( maxdb_query ( $link , "INSERT into temp.mycity VALUES ('22222',' $city ','NY')" )) {
printf ( "%d Row inserted.\n" , maxdb_affected_rows ( $link ));
}
maxdb_close ( $link );
?>
以上例程的输出类似于:
Warning: maxdb_query(): -5016 POS(43) Missing delimiter: ) <...> Error: 42000 1 Row inserted.