php-mysqlHow to escape a string for MySQL in PHP?

The best way to escape a string for MySQL in PHP is to use the mysqli_real_escape_string() function. This function takes two parameters, the first being the MySQL connection and the second being the string to be escaped.

$conn = mysqli_connect("localhost", "username", "password", "database");
$escapedString = mysqli_real_escape_string($conn, $string);

The output of the above code will be the escaped string.

The mysqli_real_escape_string() function does the following:

Escapes special characters in the string for use in an SQL statement
Adds backslashes before characters that need to be escaped
Prepares the string for use in a MySQL query

Helpful links

PHP: mysqli_real_escape_string - Manual

Edit this code on GitHub

More of Php Mysql

How to use utf8mb4_unicode_ci in MySQL with PHP?
How to use a variable in a MySQL query using PHP?
How to get the version of MySQL using PHP?
How to update to null value in MySQL using PHP?
How to write an update query in MySQL using PHP?
How to use a MySQL union in PHP?
How to count the number of resulting rows in a MySQL database using PHP?
How to change database in MySQL with PHP?
How to generate a UUID in MySQL using PHP?
How to export data from MySQL to Excel using PHP?

See more codes...