MySQL string escaping in PHP

Simple function to prepare user inputted data for inserting into a MySQL database. It simply checks if stripslashes() should be called, and then escapes the string. Basic, but handy.

function mysql_escape($string) {
    if (get_magic_quotes_gpc() == 1) {
        $string = stripslashes($string);
    }
    $string = mysql_real_escape_string($string);
    return $string;
}

Related posts:

1. PHP function to generate a slug for SEO URLs
2. Bash alias to search file contents

Tags: MySQL, PHP

This entry was posted on Saturday, December 26th, 2009 at 1:44 am and is filed under Code Stuff. You can follow any responses to this entry through the RSS 2.0 feed. You can leave a response, or trackback from your own site.