downloads | documentation | faq | getting help | mailing lists | licenses | wiki | reporting bugs | php.net sites | links | conferences | my php.net

search for in the

Our source is open

The syntax highlighted source is automatically generated by PHP from the plaintext script. If you're interested in what's behind the several functions we used, you can always take a look at the source of the following files:

Of course, if you want to see the source of this page, we have it available. You can also browse the SVN repository for this website on svn.php.net.

Source of: /manual/en/function.sqlite-escape-string.php

<?php
include_once $_SERVER['DOCUMENT_ROOT'] . '/include/shared-manual.inc';
$TOC = array();
$PARENTS = array();
include_once dirname(__FILE__) ."/toc/ref.sqlite.inc";
$setup = array (
  'home' =>
  array (
    0 => 'index.php',
    1 => 'PHP Manual',
  ),
  'head' =>
  array (
    0 => 'UTF-8',
    1 => 'en',
  ),
  'this' =>
  array (
    0 => 'function.sqlite-escape-string.php',
    1 => 'sqlite_escape_string',
  ),
  'up' =>
  array (
    0 => 'ref.sqlite.php',
    1 => 'SQLite Functions',
  ),
  'prev' =>
  array (
    0 => 'function.sqlite-error-string.php',
    1 => 'sqlite_error_string',
  ),
  'next' =>
  array (
    0 => 'function.sqlite-exec.php',
    1 => 'sqlite_exec',
  ),
);
$setup["toc"] = $TOC;
$setup["parents"] = $PARENTS;
manual_setup($setup);

manual_header();
?>
<div id="function.sqlite-escape-string" class="refentry">
 <div class="refnamediv">
  <h1 class="refname">sqlite_escape_string</h1>
  <p class="verinfo">(PHP 5, PECL sqlite &gt;= 1.0.0)</p><p class="refpurpose"><span class="refname">sqlite_escape_string</span> &mdash; <span class="dc-title">Escapes a string for use as a query parameter</span></p>

 </div>

 <a name="function.sqlite-escape-string.description"></a><div class="refsect1 description">
  <h3 class="title">Description</h3>
  <div class="methodsynopsis dc-description">
   <span class="type">string</span> <span class="methodname"><b>sqlite_escape_string</b></span>
    ( <span class="methodparam"><span class="type">string</span> <tt class="parameter">$item</tt></span>
   )</div>

  <p class="para rdfs-comment">
   <b>sqlite_escape_string()</b> will correctly quote the string
   specified by <i><tt class="parameter">item</tt></i>

   for use in an SQLite SQL statement.  This includes doubling up
   single-quote characters (<i>&#039;</i>) and checking for
   binary-unsafe characters in the query string.
  </p>
  <p class="para">
   Although the encoding makes it safe to insert the data, it will render
   simple text comparisons and <i>LIKE</i> clauses in your
   queries unusable for the columns that contain the binary data.  In
   practice, this shouldn&#039;t be a problem, as your schema should be such that
   you don&#039;t use such things on binary columns (in fact, it might be better to
   store binary data using other means, such as in files).
  </p>
 </div>


 <a name="function.sqlite-escape-string.parameters"></a><div class="refsect1 parameters">
  <h3 class="title">Parameters</h3>
  <p class="para">
   </p><dl>

    <dt class="varlistentry">

     <span class="term"><i><tt class="parameter">item</tt></i>
</span>

     </dt><dd class="listitem">

      <p class="para">
       The <a href="language.types.string.php" class="type string">string</a> being quoted.
      </p>
      <p class="para">
       If the <i><tt class="parameter">item</tt></i>
 contains a <i>NUL</i>
       character, or if it begins with a character whose ordinal value is
       <i>0x01</i>, PHP will apply a binary encoding scheme so that
       you can safely store and retrieve binary data.
      </p>
     </dd>

   
   </dl>
<p>
  </p>
 </div>

 
 <a name="function.sqlite-escape-string.returnvalues"></a><div class="refsect1 returnvalues">
  <h3 class="title">Return Values</h3>
  <p class="para">
   Returns an escaped <a href="language.types.string.php" class="type string">string</a> for use in an SQLite SQL statement.
  </p>
 </div>


 <a name="function.sqlite-escape-string.notes"></a><div class="refsect1 notes">
  <h3 class="title">Notes</h3>
  <blockquote><p><b class="note">Note</b>:
   <span class="simpara">
    Do not use this function to encode the return values from UDF&#039;s created
    using <a href="function.sqlite-create-function.php" class="function">sqlite_create_function()</a> or
    <a href="function.sqlite-create-aggregate.php" class="function">sqlite_create_aggregate()</a> - use
    <a href="function.sqlite-udf-encode-binary.php" class="function">sqlite_udf_encode_binary()</a> instead.
   </span>
  </p></blockquote>
  <div class="warning"><b class="warning">Warning</b>
   <p class="simpara">
    <a href="function.addslashes.php" class="function">addslashes()</a> should <em class="emphasis">NOT</em> be used to
    quote your strings for SQLite queries; it will lead to strange results
    when retrieving your data.
   </p>
  </div>
 </div>


 <a name="function.sqlite-escape-string.seealso"></a><div class="refsect1 seealso">
  <h3 class="title">See Also</h3>
  <p class="para">
   </p><ul class="simplelist">
    <li class="member"><a href="function.sqlite-udf-encode-binary.php" class="function" rel="rdfs-seeAlso">sqlite_udf_encode_binary()</a> - Encode binary data before returning it from an UDF</li>
   </ul><p>
  </p>
 </div>

</div><?php manual_footer(); ?>
 
show source | credits | sitemap | contact | advertising | mirror sites