php man page for maxdb_real_escape_string

Php Man Pages All Man Pages Latest Topics Forum Categories

Query: maxdb_real_escape_string

OS: php

Section: 3

Format: Original Unix Latex Style Formatted with HTML and a Horizontal Scroll Bar

MAXDB_REAL_ESCAPE_STRING(3)						 1					       MAXDB_REAL_ESCAPE_STRING(3)

maxdb_real_escape_string - Escapes special characters in a string for use in an SQL statement, taking into account the current charset of the con-
nection

       Procedural style


SYNOPSIS

       string maxdb_real_escape_string (resource  $link, string  $escapestr)


DESCRIPTION

       Object oriented style
       string maxdb::real_escape_string (string  $escapestr)

	This function is used to create a legal SQL string that you can use in an SQL statement. The string escapestr is encoded to an escaped SQL
       string, taking into account the current character set of the connection.

	Characters encoded are ', ".


RETURN VALUES

	Returns an escaped string.


EXAMPLES

       Example #1

	      Object oriented style

	      <?php
	      $maxdb = new maxdb("localhost", "MONA", "RED", "DEMODB");

	      /* check connection */
	      if (maxdb_connect_errno()) {
		 printf("Connect failed: %s
", maxdb_connect_error());
		 exit();
	      }

	      $maxdb->query("CREATE TABLE temp.mycity LIKE hotel.city");

	      $city = "'s Hertogenbosch";

	      /* this query will fail, cause we didn't escape $city */
	      if (!$maxdb->query("INSERT into temp.mycity VALUES ('11111','$city','NY')")) {
		 printf("Error: %s
", $maxdb->sqlstate);
	      }

	      $city = $maxdb->real_escape_string($city);

	      /* this query with escaped $city will work */
	      if ($maxdb->query("INSERT into temp.mycity VALUES ('22222','$city','NY')")) {
		 printf("%d Row inserted.
", $maxdb->affected_rows);
	      }

	      $maxdb->close();
	      ?>

       Example #2

	      Procedural style

	      <?php
	      $link = maxdb_connect("localhost", "MONA", "RED", "DEMODB");

	      /* check connection */
	      if (maxdb_connect_errno()) {
		 printf("Connect failed: %s
", maxdb_connect_error());
		 exit();
	      }

	      maxdb_query($link, "CREATE TABLE temp.mycity LIKE hotel.city");

	      $city = "'s Hertogenbosch";

	      /* this query will fail, cause we didn't escape $city */
	      if (!maxdb_query($link, "INSERT into temp.mycity VALUES ('11111','$city','NY')")) {
		 printf("Error: %s
", maxdb_sqlstate($link));
	      }

	      $city = maxdb_real_escape_string($link, $city);

	      /* this query with escaped $city will work */
	      if (maxdb_query($link, "INSERT into temp.mycity VALUES ('22222','$city','NY')")) {
		 printf("%d Row inserted.
", maxdb_affected_rows($link));
	      }

	      maxdb_close($link);
	      ?>

       The above example will output something similar to:

       Warning: maxdb_query(): -5016 POS(43) Missing delimiter: ) <...>
       Error: 42000
       1 Row inserted.


SEE ALSO

       maxdb_character_set_name(3).

PHP Documentation Group 											       MAXDB_REAL_ESCAPE_STRING(3)
Related Man Pages
maxdb_info(3) - php
maxdb_stmt_error(3) - php
maxdb_query(3) - php
maxdb_sqlstate(3) - php
maxdb_thread_id(3) - php
Similar Topics in the Unix Linux Community
ls command output
select a portion of a file into a CSV
SQL : Fine tune Insert by query
how to get a file from a ftp server
If option statement