<?php
$con=mysqli_connect("localhost","my_user","my_password","my_db");

// Check connection
if (mysqli_connect_errno($con))
{
echo "Failed to connect to MySQL: " . mysqli_connect_error();
}

mysqli_query($con,"CREATE TABLE myPersons LIKE Persons");

$newpers="Da'Silva"

// This query will fail, cause we did not escape $newpers
mysqli_query($con,"INSERT into myPersons (Lastname) VALUES ('$newpers')");

$newpers=mysqli_real_escape_string($con,$newpers);

// This query will work, cause we escaped $newpers
mysqli_query($con,"INSERT into myPersons (Lastname) VALUES ('$newpers')");

mysqli_close($con);
?>

Definition and Usage

The mysqli_real_escape_string() function escapes special characters in a string for use in an SQL statement.

Syntax

mysqli_real_escape_string(connection,escapestring);

Parameter	Description
connection	Required. Specifies the MySQL connection to use
escapestring	Required. The string to be escaped. Characters encoded are NUL (ASCII 0), \n, \r, \, ', ", and Control-Z.

Technical Details

Return Value:	Returns the escaped string
PHP Version:	5+

PHP MySQLi Reference

Your suggestion:

Your E-mail (optional):

Page address:

Description:

Close [X]

Thank You For Helping Us!

Your message has been sent to W3Schools.

Close [X]

WEB HOSTING

Best Web Hosting eUK Web Hosting UK Reseller Hosting Cloud Hosting

WEB BUILDING

XML Editor - Free Trial! FREE Website BUILDER FREE Website Creator

STATISTICS

Browser Statistics OS Statistics Display Statistics

SHARE THIS PAGE

PHP Basic

PHP Advanced

PHP Database

PHP XML

PHP and AJAX

PHP Reference

PHP Quiz

PHP mysqli_real_escape_string() Function

Example

Definition and Usage

Syntax

Technical Details

Your suggestion:

Thank You For Helping Us!

WEB HOSTING

WEB BUILDING

STATISTICS

Top 10 Tutorials

Top 10 References

Examples

Quizzes

Color Picker

Statistics