<?xml version="1.0" encoding="utf-8"?>
<!-- $Revision: 299169 $ -->
<refentry xmlns="http://docbook.org/ns/docbook" xml:id="function.maxdb-real-escape-string">
 <refnamediv>
  <refname>maxdb_real_escape_string</refname>
  <refname>maxdb::real_escape_string</refname>
  <refpurpose>Escapes special characters in a string for use in a SQL statement, taking into account the current charset of the connection</refpurpose>
 </refnamediv>

 <refsect1 role="description">
  &reftitle.description;
  <para>&style.procedural;</para>
  <methodsynopsis>
   <type>string</type><methodname>maxdb_real_escape_string</methodname>
   <methodparam><type>resource</type><parameter>link</parameter></methodparam>
   <methodparam><type>string</type><parameter>escapestr</parameter></methodparam>
  </methodsynopsis>
  <para>&style.oop;</para>
  <methodsynopsis>
   <type>string</type><methodname>maxdb::real_escape_sring</methodname>
   <methodparam><type>string</type><parameter>escapestr</parameter></methodparam>
  </methodsynopsis>
  <para>
   This function is used to create a legal SQL string that you can use in a SQL statement.
   The string <literal>escapestr</literal> is encoded to an escaped SQL string, taking into
   account the current character set of the connection.
  </para>
  <para>
   Characters encoded are <literal>', "</literal>.
  </para>
 </refsect1>

 <refsect1 role="returnvalues">
  &reftitle.returnvalues;
  <para>
   Returns an escaped string.
  </para>
 </refsect1>

 <refsect1 role="examples">
  &reftitle.examples;
  <example>
   <title>Object oriented style</title>
   <programlisting role="php">
<![CDATA[
<?php
$maxdb = new maxdb("localhost", "MONA", "RED", "DEMODB");

/* check connection */
if (maxdb_connect_errno()) {
   printf("Connect failed: %s\n", maxdb_connect_error());
   exit();
}

$maxdb->query("CREATE TABLE temp.mycity LIKE hotel.city");

$city = "'s Hertogenbosch";

/* this query will fail, cause we didn't escape $city */
if (!$maxdb->query("INSERT into temp.mycity VALUES ('11111','$city','NY')")) {
   printf("Error: %s\n", $maxdb->sqlstate);
}

$city = $maxdb->real_escape_string($city);

/* this query with escaped $city will work */
if ($maxdb->query("INSERT into temp.mycity VALUES ('22222','$city','NY')")) {
   printf("%d Row inserted.\n", $maxdb->affected_rows);
}

$maxdb->close();
?>
]]>
   </programlisting>
  </example>
  <example>
   <title>Procedural style</title>
   <programlisting role="php">
<![CDATA[
<?php
$link = maxdb_connect("localhost", "MONA", "RED", "DEMODB");

/* check connection */
if (maxdb_connect_errno()) {
   printf("Connect failed: %s\n", maxdb_connect_error());
   exit();
}

maxdb_query($link, "CREATE TABLE temp.mycity LIKE hotel.city");

$city = "'s Hertogenbosch";

/* this query will fail, cause we didn't escape $city */
if (!maxdb_query($link, "INSERT into temp.mycity VALUES ('11111','$city','NY')")) {
   printf("Error: %s\n", maxdb_sqlstate($link));
}

$city = maxdb_real_escape_string($link, $city);

/* this query with escaped $city will work */
if (maxdb_query($link, "INSERT into temp.mycity VALUES ('22222','$city','NY')")) {
   printf("%d Row inserted.\n", maxdb_affected_rows($link));
}

maxdb_close($link);
?>
]]>
   </programlisting>
  </example>
  &example.outputs.similar;
  <screen>
<![CDATA[
Warning: maxdb_query(): -5016 POS(43) Missing delimiter: ) <...>
Error: 42000
1 Row inserted.
]]>
  </screen>
 </refsect1>

 <refsect1 role="seealso">
  &reftitle.seealso;
  <para>
   <simplelist>
    <member><function>maxdb_character_set_name</function></member>
   </simplelist>
  </para>
 </refsect1>

</refentry>

<!-- Keep this comment at the end of the file
Local variables:
mode: sgml
sgml-omittag:t
sgml-shorttag:t
sgml-minimize-attributes:nil
sgml-always-quote-attributes:t
sgml-indent-step:1
sgml-indent-data:t
indent-tabs-mode:nil
sgml-parent-document:nil
sgml-default-dtd-file:"~/.phpdoc/manual.ced"
sgml-exposed-tags:nil
sgml-local-catalogs:nil
sgml-local-ecat-files:nil
End:
vim600: syn=xml fen fdm=syntax fdl=2 si
vim: et tw=78 syn=sgml
vi: ts=1 sw=1
-->