PHP MySQL Sanitize/Adjus/Escape Data Before Insertion With the Mysql_real_escape_string

October 21, 2011 | By Duchateaux.

PHP 5 How to Sanitize MySQL Data

The Raw Data inserted in a MySQL Database can contains Special Chars that if Inserted in some Query can lead to a Query Failure.

In PHP to Escape Special Chars and Prepare Data for Insertion into Database you dispose of two functions, one for each form of PHP to MySQL Connection:

  • mysql_real_escape_string()
    /nit take as Unique Argument the Data to Sanitize


  • mysqli_real_escape_string()
    /nit take Two Arguments: the Database Connection in use and the Data to Treat

    mysqli_real_escape($dbc, $data)

QuickChic Theme • Powered by WordPress