php man page for maxdb_real_escape_string

Php Man Pages All Man Pages Latest Topics Forum Categories

Query: maxdb_real_escape_string

OS: php

Section: 3

Format: Original Unix Latex Style Formatted with HTML and a Horizontal Scroll Bar

MAXDB_REAL_ESCAPE_STRING(3)						 1					       MAXDB_REAL_ESCAPE_STRING(3)

maxdb_real_escape_string - Escapes special characters in a string for use in an SQL statement, taking into account the current charset of the con-
nection

       Procedural style


SYNOPSIS

       string maxdb_real_escape_string (resource  $link, string  $escapestr)


DESCRIPTION

       Object oriented style
       string maxdb::real_escape_string (string  $escapestr)

	This function is used to create a legal SQL string that you can use in an SQL statement. The string escapestr is encoded to an escaped SQL
       string, taking into account the current character set of the connection.

	Characters encoded are ', ".


RETURN VALUES

	Returns an escaped string.


EXAMPLES

       Example #1

	      Object oriented style

	      <?php
	      $maxdb = new maxdb("localhost", "MONA", "RED", "DEMODB");

	      /* check connection */
	      if (maxdb_connect_errno()) {
		 printf("Connect failed: %s
", maxdb_connect_error());
		 exit();
	      }

	      $maxdb->query("CREATE TABLE temp.mycity LIKE hotel.city");

	      $city = "'s Hertogenbosch";

	      /* this query will fail, cause we didn't escape $city */
	      if (!$maxdb->query("INSERT into temp.mycity VALUES ('11111','$city','NY')")) {
		 printf("Error: %s
", $maxdb->sqlstate);
	      }

	      $city = $maxdb->real_escape_string($city);

	      /* this query with escaped $city will work */
	      if ($maxdb->query("INSERT into temp.mycity VALUES ('22222','$city','NY')")) {
		 printf("%d Row inserted.
", $maxdb->affected_rows);
	      }

	      $maxdb->close();
	      ?>

       Example #2

	      Procedural style

	      <?php
	      $link = maxdb_connect("localhost", "MONA", "RED", "DEMODB");

	      /* check connection */
	      if (maxdb_connect_errno()) {
		 printf("Connect failed: %s
", maxdb_connect_error());
		 exit();
	      }

	      maxdb_query($link, "CREATE TABLE temp.mycity LIKE hotel.city");

	      $city = "'s Hertogenbosch";

	      /* this query will fail, cause we didn't escape $city */
	      if (!maxdb_query($link, "INSERT into temp.mycity VALUES ('11111','$city','NY')")) {
		 printf("Error: %s
", maxdb_sqlstate($link));
	      }

	      $city = maxdb_real_escape_string($link, $city);

	      /* this query with escaped $city will work */
	      if (maxdb_query($link, "INSERT into temp.mycity VALUES ('22222','$city','NY')")) {
		 printf("%d Row inserted.
", maxdb_affected_rows($link));
	      }

	      maxdb_close($link);
	      ?>

       The above example will output something similar to:

       Warning: maxdb_query(): -5016 POS(43) Missing delimiter: ) <...>
       Error: 42000
       1 Row inserted.


SEE ALSO

       maxdb_character_set_name(3).

PHP Documentation Group 											       MAXDB_REAL_ESCAPE_STRING(3)
Related Man Pages
maxdb_stmt_bind_param(3) - php
maxdb_stmt_error(3) - php
maxdb_real_escape_string(3) - php
maxdb_rollback(3) - php
maxdb_warning_count(3) - php
Similar Topics in the Unix Linux Community
1
select a portion of a file into a CSV
filter out all the records which are having space in the 8th filed of my file
json_decode conversion
If option statement