string mysqli::escape_string ( string $escapestr )
string mysqli::real_escape_string ( string $escapestr )
string mysqli_real_escape_string ( mysqli $link , string $escapestr )
This function is used to create a legal SQL string that you can use in an SQL statement. The given string is encoded to an escaped SQL string, taking into account the current character set of the connection.
The mysqli_real_escape_string() function escapes special characters in a string for use in an SQL statement.
Parameter | Description |
---|---|
link | Procedural style only: A link identifier returned by mysqli_connect() or mysqli_init() |
escapestr | The string to be escaped. |
Returns an escaped string.