Skip to content

Skip to navigation - Accesskey = n

Skip to search - Accesskey = s

Escaping dangerous characters in a string

Escaping potential dangerous characters in a string before using it in a query can help protect your script against SQL injection attacks.

The function:

function escape($s){
  return mysql_escape_string($s);
}

To use

$string = $modx->db->escape($string);

Example

$string = "This is Joe's Page";
$string = $modx->db->escape($string);

This will result in the string "This is Joe\'s Page".

© 2005-2008 MODx CMS. All rights reserved.
Contact Us | MODx Blog RSS Feed | About | FAQ
Hosted by Collabpad — Designed by ziworks