update : 2015.11.03
php.shukuma.com

검색:
 
 
Escapes special characters in a string for use in an SQL statement, taking into account the current charset of the connection
MaxDB 함수 목록
PHP Manual

maxdb_real_escape_string

maxdb::real_escape_string

(PECL maxdb >= 1.0)

maxdb_real_escape_string -- maxdb::real_escape_stringEscapes special characters in a string for use in an SQL statement, taking into account the current charset of the connection

설명

절차식 형식

string maxdb_real_escape_string ( resource $link , string $escapestr )

객체 기반 형식

string maxdb::real_escape_string ( string $escapestr )

This function is used to create a legal SQL string that you can use in an SQL statement. The string escapestr is encoded to an escaped SQL string, taking into account the current character set of the connection.

Characters encoded are ', ".

반환값

Returns an escaped string.

예제

Example #1 객체 기반 형식

<?php
$maxdb = new maxdb("localhost""MONA""RED""DEMODB");

/* check connection */
if (maxdb_connect_errno()) {
   printf("Connect failed: %s\n"maxdb_connect_error());
   exit();
}

$maxdb->query("CREATE TABLE temp.mycity LIKE hotel.city");

$city "'s Hertogenbosch";

/* this query will fail, cause we didn't escape $city */
if (!$maxdb->query("INSERT into temp.mycity VALUES ('11111','$city','NY')")) {
   printf("Error: %s\n"$maxdb->sqlstate);
}

$city $maxdb->real_escape_string($city);

/* this query with escaped $city will work */
if ($maxdb->query("INSERT into temp.mycity VALUES ('22222','$city','NY')")) {
   printf("%d Row inserted.\n"$maxdb->affected_rows);
}

$maxdb->close();
?>

Example #2 절차식 형식

<?php
$link maxdb_connect("localhost""MONA""RED""DEMODB");

/* check connection */
if (maxdb_connect_errno()) {
   printf("Connect failed: %s\n"maxdb_connect_error());
   exit();
}

maxdb_query($link"CREATE TABLE temp.mycity LIKE hotel.city");

$city "'s Hertogenbosch";

/* this query will fail, cause we didn't escape $city */
if (!maxdb_query($link"INSERT into temp.mycity VALUES ('11111','$city','NY')")) {
   printf("Error: %s\n"maxdb_sqlstate($link));
}

$city maxdb_real_escape_string($link$city);

/* this query with escaped $city will work */
if (maxdb_query($link"INSERT into temp.mycity VALUES ('22222','$city','NY')")) {
   printf("%d Row inserted.\n"maxdb_affected_rows($link));
}

maxdb_close($link);
?>

위 예제의 출력 예시:

Warning: maxdb_query(): -5016 POS(43) Missing delimiter: ) <...>
Error: 42000
1 Row inserted.

참고

MaxDB 함수 목록
PHP Manual