php-mysqlHow to escape a string for MySQL in PHP?
The best way to escape a string for MySQL in PHP is to use the mysqli_real_escape_string()
function. This function takes two parameters, the first being the MySQL connection and the second being the string to be escaped.
$conn = mysqli_connect("localhost", "username", "password", "database");
$escapedString = mysqli_real_escape_string($conn, $string);
The output of the above code will be the escaped string.
The mysqli_real_escape_string()
function does the following:
- Escapes special characters in the string for use in an SQL statement
- Adds backslashes before characters that need to be escaped
- Prepares the string for use in a MySQL query
Helpful links
More of Php Mysql
- How to use utf8mb4_unicode_ci in MySQL with PHP?
- How to use a variable in a MySQL query using PHP?
- How to get the version of MySQL using PHP?
- How to update to null value in MySQL using PHP?
- How to write an update query in MySQL using PHP?
- How to use a MySQL union in PHP?
- How to count the number of resulting rows in a MySQL database using PHP?
- How to change database in MySQL with PHP?
- How to generate a UUID in MySQL using PHP?
- How to export data from MySQL to Excel using PHP?
See more codes...