PHP MySQL Sanitize/Adjus/Escape Data before Insertion with the mysql_real_escape_string

October 21st, 2011 by Regaz

PHP 5 How-to Sanitize MySQL Data




The Raw Data inserted in a MySQL Database can contains Special Chars that if Inserted in some Query can lead to a Query Failure.

In PHP to Escape Special Chars and Prepare Data for Insertion into Database you dispose of two functions, one for each form of PHP to MySQL Connection:

 - Featured
  • mysql_real_escape_string()
    it take as Unique Argument the Data to Sanitize
    Example:
    mysql_real_escape($data)
  • mysqli_real_escape_string()
    it take Two Arguments: the Database Connection in use and the Data to Treat
    Example:
    mysqli_real_escape($dbc, $data)

Tags: ,