DB.escape (3kaya)

Escape a string to be used as part of a query

  1. Carta.tech
  2. Man Pages
  3. MISSING SECTION
  4. DB.escape: Escape a string to be used as part of a query
  1. Carta.tech
  2. Packages
  3. kaya
  4. DB.escape: Escape a string to be used as part of a query

SYNOPSIS

String escape( String val )

ARGUMENTS

val The String to escape

DESCRIPTION

Escapes backslashes, apostrophes and quotes in a string to protect against SQL injection attacks. This function should be used only as a last resort - prepared statements using DB.prepare (3kaya) and DB.execPrepared (3kaya) are supported by all database libraries, and are far less prone to human error.

AUTHORS

Kaya standard library by Edwin Brady, Chris Morris and others ([email protected]). For further information see http://kayalang.org/

LICENSE

The Kaya standard library is free software; you can redistribute it and/or modify it under the terms of the GNU Lesser General Public License (version 2.1 or any later version) as published by the Free Software Foundation.