function db_escape_string

6.x database.pgsql.inc	`db_escape_string($text)`
6.x database.mysqli.inc	`db_escape_string($text)`
6.x database.mysql.inc	`db_escape_string($text)`

Prepare user input for use in a database query, preventing SQL injection attacks. Note: This function requires PostgreSQL 7.2 or later.

Related topics

Database abstraction layer: Allow the use of different database servers using the same code base.

1 call to db_escape_string()

_db_query_callback in drupal-6.x/includes/database.inc: Helper function for db_query().

File

drupal-6.x/includes/database.pgsql.inc, line 363: Database interface code for PostgreSQL database servers.

Code

function db_escape_string($text) {
  return pg_escape_string($text);
}