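Sanitize a string by escaping characters that could cause an SQL injection attack. The escaped value is returned already wrapped in single quotes, so it is only safe where the query expects a quoted string literal, not for identifiers or unquoted numeric values.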
// escape() returns the escaped text already enclosed in single quotes,
// so the result is placed into the query as-is, without adding further quotes.
$value = $db->escape('any string');
string Driver_Database_Driver_MySQL::escape( string $value )
参数列表
参数 类型 描述 默认值 $value
string
Value to quote
string
/**
 * Escape a string so it can be embedded in a MySQL query as a quoted literal.
 *
 * The value is handed to _change_charset() and then escaped with
 * mysql_real_escape_string() against this driver's connection. The result is
 * returned already wrapped in single quotes; callers must not add their own.
 *
 * Security notes:
 *  - The output is only safe in a position where a quoted string literal is
 *    expected. It does not protect identifiers (table or column names) or
 *    values concatenated into a query without quotes.
 *  - mysql_real_escape_string() escapes according to the connection's
 *    character set, so that character set has to be configured through the
 *    client API (mysql_set_charset()) for the escaping to be reliable.
 *  - The mysql_* extension was deprecated in PHP 5.5 and removed in PHP 7.0.
 *    Code that depends on this method should be moved to parameterised
 *    queries (mysqli or PDO prepared statements).
 *
 * @param string $value Value to quote
 * @return string The escaped value enclosed in single quotes
 * @throws Exception When mysql_real_escape_string() returns false; the message
 *                   and code come from mysql_error() and mysql_errno().
 */
public function escape($value)
{
    $link = $this->connection();

    // NOTE(review): _change_charset() is defined elsewhere; presumably it
    // converts $value to the connection character set (possibly by
    // reference). Confirm, since escaping correctness depends on it.
    $this->_change_charset($value);

    $escaped = mysql_real_escape_string($value, $link);
    if ($escaped === false)
    {
        throw new Exception('Error:' . mysql_error($link), mysql_errno($link));
    }

    // The surrounding quotes are part of the return value.
    return "'" . $escaped . "'";
}