string db_escape_string (string str)
Escapes a string so it is ready to be used as a SQL query. Specifically, this function will double single quotes (') or prepend a backslash (\) to them.
NOTE: This is a SQL function. See Database Support for more information.
Arguments
str is the string to be escaped.
Result
The function returns the escaped string.
Example
$item
= db_escape_string("That's all"); |
See also