v5:reference:connection:qstr
This is an old revision of the document!
qStr
Description
The function qStr()
takes an input string, and allows it to be:
- Wrapped in single quotes.The value can then be used, for example in an SQL statement.
- Have quotes inside the string escaped in a way that is appropriate for the database. This is done wherever possible using PHP driver functions e.g. MySQL real_escape_string. The second parameter,
$dontFixQuotes
stops any internal quoting happening, This parameter was mostly used in older versions of PHP when the now removedmagic_quotes
parameter was enabled, and the 2 methods were in conflict.
Usage
$string = "Patrick O'Reilly"; $SQL = "SELECT * FROM names WHERE name='$string'"; $result = $db->Execute($SQL); /* * Execution fails due to mismatched ` characters */ $qString = $db->qStr($string); /* * function returns 'Patrick O\'Reilly' (The resulting string is database-specific) */ $SQL = "SELECT * FROM names WHERE name=$qString"; $result = $db->Execute($SQL); /* * Execution Succeeds */
v5/reference/connection/qstr.1461193720.txt.gz · Last modified: 2017/04/21 11:33 (external edit)