<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd">
<html>
<head>
<meta http-equiv="content-type" content="text/html; charset=UTF-8">
<title>Returns a string that has been properly escaped</title>
</head>
<body><div class="manualnavbar" style="text-align: center;">
<div class="prev" style="text-align: left; float: left;"><a href="sqlite3.enableexceptions.html">SQLite3::enableExceptions</a></div>
<div class="next" style="text-align: right; float: right;"><a href="sqlite3.exec.html">SQLite3::exec</a></div>
<div class="up"><a href="class.sqlite3.html">SQLite3</a></div>
<div class="home"><a href="index.html">PHP Manual</a></div>
</div><hr /><div id="sqlite3.escapestring" class="refentry">
<div class="refnamediv">
<h1 class="refname">SQLite3::escapeString</h1>
<p class="verinfo">(PHP 5 >= 5.3.0, PHP 7)</p><p class="refpurpose"><span class="refname">SQLite3::escapeString</span> — <span class="dc-title">Returns a string that has been properly escaped</span></p>
</div>
<div class="refsect1 description" id="refsect1-sqlite3.escapestring-description">
<h3 class="title">Description</h3>
<div class="methodsynopsis dc-description">
<span class="modifier">public</span> <span class="modifier">static</span> <span class="type">string</span> <span class="methodname"><strong>SQLite3::escapeString</strong></span>
( <span class="methodparam"><span class="type">string</span> <code class="parameter">$value</code></span>
)</div>
<p class="para rdfs-comment">
Returns a string that has been properly escaped for safe inclusion in an
SQL statement.
</p>
<div class="warning"><strong class="warning">Warning</strong><p class="simpara">This function
is not (yet) binary safe!</p></div>
<p class="para">
To properly handle BLOB fields which may contain NUL characters, use
<span class="function"><a href="sqlite3stmt.bindparam.html" class="function">SQLite3Stmt::bindParam()</a></span> instead.
</p>
</div>
<div class="refsect1 parameters" id="refsect1-sqlite3.escapestring-parameters">
<h3 class="title">Parameters</h3>
<p class="para">
<dl>
<dt>
<code class="parameter">value</code></dt>
<dd>
<p class="para">
The string to be escaped.
</p>
</dd>
</dl>
</p>
</div>
<div class="refsect1 returnvalues" id="refsect1-sqlite3.escapestring-returnvalues">
<h3 class="title">Return Values</h3>
<p class="para">
Returns a properly escaped string that may be used safely in an SQL
statement.
</p>
</div>
<div class="refsect1 notes" id="refsect1-sqlite3.escapestring-notes">
<h3 class="title">Notes</h3>
<div class="warning"><strong class="warning">Warning</strong>
<p class="simpara">
<span class="function"><a href="function.addslashes.html" class="function">addslashes()</a></span> should <em class="emphasis">NOT</em> be used to
quote your strings for SQLite queries; it will lead to strange results
when retrieving your data.
</p>
</div>
</div>
</div><hr /><div class="manualnavbar" style="text-align: center;">
<div class="prev" style="text-align: left; float: left;"><a href="sqlite3.enableexceptions.html">SQLite3::enableExceptions</a></div>
<div class="next" style="text-align: right; float: right;"><a href="sqlite3.exec.html">SQLite3::exec</a></div>
<div class="up"><a href="class.sqlite3.html">SQLite3</a></div>
<div class="home"><a href="index.html">PHP Manual</a></div>
</div></body></html>
