NAME¶
DB::escape - Escape a string to be used as part of a query
SYNOPSIS¶
String escape( String val )
ARGUMENTS¶
val The String to escape
DESCRIPTION¶
Escapes backslashes, apostrophes and quotes in a string to protect against SQL
injection attacks. This function should be used only as a
last resort -
prepared statements using
DB.prepare (3kaya) and
DB.execPrepared
(3kaya) are supported by all database libraries, and are far less prone to
human error.
AUTHORS¶
Kaya standard library by Edwin Brady, Chris Morris and others
(kaya@kayalang.org). For further information see
http://kayalang.org/
LICENSE¶
The Kaya standard library is free software; you can redistribute it and/or
modify it under the terms of the GNU Lesser General Public License (version
2.1 or any later version) as published by the Free Software Foundation.