How to use mysqli_real_escape_string() to escapes special characters in a string for use in an SQL statement with PHP

1 Answer

$db_host        = 'localhost';
$db_user        = 'root';
$db_password    = '';
$db_name        = 'allonpage';
 
$con = new mysqli('localhost', $db_user, $db_password, $db_name);
 
if ($con->connect_error) 
    die('Connection Error: ' . $con->server_info);
 
$src = "https://www.ws.com";
$src = $con->real_escape_string($src);

$href = "http://www.ws.com/images/logo-wordpress.png";
$href = $con->real_escape_string($href);

if ($con->query("INSERT into test_table (href, src) VALUES ('$href', '$src')")) 
    echo "Row inserted: " . $con->affected_rows;
else
    echo  "Error: " . $con->error; 

$con->close();

/*
run: 

Row inserted: 1 

*/

70+ SQL courses for beginners and professionals

answered Jul 11, 2016 by avibootz

Most popular tags

How to use mysqli_real_escape_string() to escapes special characters in a string for use in an SQL statement with PHP

1 Answer

Related questions