Quotes a string, used when not using prepared statements and want to safetly insert/update data, it uses real_escape_string.
|$string:||The var to quote.|
1 2 3 4 5 6 7 8 9 10 11 12 13 14 15
<?php require_once 'dalmp.php'; $user = getenv('MYSQL_USER') ?: 'root'; $password = getenv('MYSQL_PASS') ?: ''; $DSN = "utf8://$user:$password".'@127.0.0.1/test'; $db = new DALMP\Database($DSN); $data = "nbari' OR admin"; $query = $db->qstr($data); $db->GetRow("SELECT * FROM users WHERE name=$query");
This method will query the database every time is called, so in cases where you are using cache it is not very usefull, since it will need to connect to the database before doing the query.
Thanks Navicat for supporting Open Source projects.
A great amount of time has been spent creating, crafting and maintaining this software, please consider donating.
Donating helps ensure continued support, development and availability.
comments powered by Disqus