Home > PHP > Function > MySQL > mysql_real_escape_string()

mysql_real_escape_string()

mysql_real_escape_string - Escapes special characters in a string for use in a SQL statement

Syntax

string mysql_real_escape_string (string $unescaped_string, resource $link_identifier)

Arguments

unescaped_string - The string that is to be escaped.
link_identifier - The MySQL connection. If the link identifier is not specified, the last link opened by mysql_connect() is assumed. If no such link is found, it will try to create one as if mysql_connect() was called with no arguments. If no connection is found or established, an E_WARNING level error is generated.

Description

Escapes special characters in the unescaped_string, taking into account the current character set of the connection so that it is safe to place it in a mysql_query(). If binary data is to be inserted, this function must be used.

Version

PHP 4.3.0, 5

Return value

Returns the escaped string, or FALSE on error.