MySQL 函数
在线手册:中文 英文
PHP手册

mysql_escape_string

(PHP 4 >= 4.0.3, PHP 5)

mysql_escape_string 转义一个字符串用于 mysql_query

说明

string mysql_escape_string ( string $unescaped_string )

本函数将 unescaped_string 转义,使之可以安全用于 mysql_query()

Note: mysql_escape_string() 并不转义 %_ 本函数和 mysql_real_escape_string() 完全一样,除了 mysql_real_escape_string() 接受的是一个连接句柄并根据当前字符集转移字符串之外。mysql_escape_string() 并不接受连接参数,也不管当前字符集设定。

Example #1 mysql_escape_string() 例子

<?php
    $item 
"Zak's Laptop";
    
$escaped_item mysql_escape_string($item);
    
printf ("Escaped string: %s\n"$escaped_item);
?>

以上例子将产生如下输出:

Escaped string: Zak\'s Laptop

参见 mysql_real_escape_string()addslashes()magic_quotes_gpc 指令。


MySQL 函数
在线手册:中文 英文
PHP手册
PHP手册 - N: 转义一个字符串用于 mysql_query

用户评论:

s dot marechal at jejik dot com (26-Jan-2011 10:37)

The exact characters that are escaped by this function are the null byte (0), newline (\n), carriage return (\r), backslash (\), single quote ('), double quote (") and substiture (SUB, or \032).

as_lh (26-Mar-2010 01:05)

it seems the function changes the character encoding of the string.
I get utf-8 encoded string and my mysql database is set to utf-8 as well.
If i just write the data to the database it works perfectly fine, if i use this function, it changes the encoding and therefore stores the wrong characters.

Seems like a bug to me.