mysql_safe_query to prevent SQL injection - PHP Snipplr Social Repository

Revision: 19832

at November 1, 2009 12:47 by jmiller

Initial Code

function mysql_safe_string($value) {
    if(empty($value))           return 'NULL';
    elseif(is_string($value))   return '\''.mysql_real_escape_string(trim($value)).'\'';
    elseif(is_numeric($value))  return $value;
    elseif(is_array($value))    return implode(',',array_map('mysql_safe_string',$value));
    else                        return false;
}

function mysql_safe_query($format) {
    $args = array_slice(func_get_args(),1);
    $args = array_map('mysql_safe_string',$args);
    $query = vsprintf($format,$args);
    return mysql_query($query);
}

Initial URL

http://programanddesign.com/php/marks-php-snippets/

Initial Description

Initial Title

mysql_safe_query to prevent SQL injection

Initial Tags

mysql, sql, query

Initial Language

PHP

Choose a language for easy browsing: