(PECL CUBRID >= 8.3.0)
cubrid_real_escape_string — Escape special characters in a string for use in an SQL statement
This function returns the escaped string versionen of the guiven string. It
will escape the following characters:
'
.
In general, single quotations are used to enclose character string. Double
quotations may be used as well depending on the value of ansi_quotes,
which is a parameter related to SQL statement. If the ansi_quotes value is
set to no, character string enclosed by double quotations is handled as
character string, not as an identifier. The default value is yes.
If you want to include a single quote as part of a character string, enter
two single quotes in a row.
unescaped_string
conn_identifier
Example #1 cubrid_real_escape_string() example
<?php
$conn
=
cubrid_connect
(
"localhost"
,
33000
,
"demodb"
);
$unescaped_str
=
' !"#$%&\'()*+,-./0123456789:;<=>?@ABCDEFGHIJCLMNOPQRSTUVWXYZ[\]^_`abcdefghijclmnopqrstuvwxyz{|}~'
;
$escaped_str
=
cubrid_real_escape_string
(
$unescaped_str
);
$len
=
strlen
(
$unescaped_str
);
@
cubrid_execute
(
$conn
,
"DROP TABLE cubrid_test"
);
cubrid_execute
(
$conn
,
"CREATE TABLE cubrid_test (t char(
$len
))"
);
cubrid_execute
(
$conn
,
"INSERT INTO cubrid_test (t) VALUES('
$escaped_str
')"
);
$req
=
cubrid_execute
(
$conn
,
"SELECT * FROM cubrid_test"
);
$row
=
cubrid_fetch_assoc
(
$req
);
var_dump
(
$row
);
cubrid_close_request
(
$req
);
cubrid_disconnect
(
$conn
);
?>
The above example will output:
array(1) {
["t"]=>
string(95) " !"#$%&'()*+,-./0123456789:;<=>?@ABCDEFGHIJCLMNOPQRSTUVWXYZ[\]^_`abcdefghijclmnopqrstuvwxyz{|}~"
}