<HTML
><HEAD
><TITLE
>mysql_real_escape_string</TITLE
><META
NAME="GENERATOR"
CONTENT="Modular DocBook HTML Stylesheet Version 1.7"><LINK
REL="HOME"
TITLE="Manual de PHP"
HREF="index.html"><LINK
REL="UP"
TITLE="Funciones MySQL"
HREF="ref.mysql.html"><LINK
REL="PREVIOUS"
TITLE="mysql_query"
HREF="function.mysql-query.html"><LINK
REL="NEXT"
TITLE="mysql_result"
HREF="function.mysql-result.html"><META
HTTP-EQUIV="Content-type"
CONTENT="text/html; charset=ISO-8859-1"></HEAD
><BODY
CLASS="refentry"
BGCOLOR="#FFFFFF"
TEXT="#000000"
LINK="#0000FF"
VLINK="#840084"
ALINK="#0000FF"
><DIV
CLASS="NAVHEADER"
><TABLE
SUMMARY="Header navigation table"
WIDTH="100%"
BORDER="0"
CELLPADDING="0"
CELLSPACING="0"
><TR
><TH
COLSPAN="3"
ALIGN="center"
>Manual de PHP</TH
></TR
><TR
><TD
WIDTH="10%"
ALIGN="left"
VALIGN="bottom"
><A
HREF="function.mysql-query.html"
ACCESSKEY="P"
>Anterior</A
></TD
><TD
WIDTH="80%"
ALIGN="center"
VALIGN="bottom"
></TD
><TD
WIDTH="10%"
ALIGN="right"
VALIGN="bottom"
><A
HREF="function.mysql-result.html"
ACCESSKEY="N"
>Siguiente</A
></TD
></TR
></TABLE
><HR
ALIGN="LEFT"
WIDTH="100%"></DIV
><H1
><A
NAME="function.mysql-real-escape-string"
></A
>mysql_real_escape_string</H1
><DIV
CLASS="refnamediv"
><A
NAME="AEN48352"
></A
><P
>    (PHP 4 &#62;= 4.3.0)</P
>mysql_real_escape_string&nbsp;--&nbsp;
     Escapes special characters in a string for use in a SQL statement, taking into account the current charset of the connection.
    </DIV
><DIV
CLASS="refsect1"
><A
NAME="AEN48355"
></A
><H2
>Description</H2
>string <B
CLASS="methodname"
>mysql_real_escape_string</B
> ( string unescaped_string [, resource link_identifier])<BR
></BR
><P
>&#13;     This function will escape special characters in the
     <TT
CLASS="parameter"
><I
>unescaped_string</I
></TT
>, taking into account the current
     charset of the connection so that it is safe to place it in a
     <A
HREF="function.mysql-query.html"
><B
CLASS="function"
>mysql_query()</B
></A
>. 
    </P
><DIV
CLASS="note"
><BLOCKQUOTE
CLASS="note"
><P
><B
>Nota: </B
>
      <B
CLASS="function"
>mysql_real_escape_string()</B
> does not escape
      <TT
CLASS="literal"
>%</TT
> and <TT
CLASS="literal"
>_</TT
>.
     </P
></BLOCKQUOTE
></DIV
><TABLE
WIDTH="100%"
BORDER="0"
CELLPADDING="0"
CELLSPACING="0"
CLASS="EXAMPLE"
><TR
><TD
><DIV
CLASS="example"
><A
NAME="AEN48374"
></A
><P
><B
>Ejemplo 1. <B
CLASS="function"
>mysql_real_escape_string()</B
> example</B
></P
><TABLE
BORDER="0"
BGCOLOR="#E0E0E0"
CELLPADDING="5"
><TR
><TD
><PRE
CLASS="php"
>&#60;?php
$link = mysql_connect('localhost', 'mysql_user', 'mysql_password');
$item = "Zak's and Derick's Laptop";
$escaped_item = mysql_real_escape_string($item);
printf ("Escaped string: %s\n", $escaped_item);
?&#62;</PRE
></TD
></TR
></TABLE
><P
>&#13;       The above example would produce the following output:
       <TABLE
BORDER="0"
BGCOLOR="#E0E0E0"
CELLPADDING="5"
><TR
><TD
><PRE
CLASS="screen"
>Escaped string: Zak\'s and Derick\'s Laptop</PRE
></TD
></TR
></TABLE
>
      </P
></DIV
></TD
></TR
></TABLE
><P
>&#13;     See also:
     <A
HREF="function.mysql-escape-string.html"
><B
CLASS="function"
>mysql_escape_string()</B
></A
>,
     <A
HREF="function.mysql-character-set-name.html"
><B
CLASS="function"
>mysql_character_set_name()</B
></A
>.
    </P
></DIV
><DIV
CLASS="NAVFOOTER"
><HR
ALIGN="LEFT"
WIDTH="100%"><TABLE
SUMMARY="Footer navigation table"
WIDTH="100%"
BORDER="0"
CELLPADDING="0"
CELLSPACING="0"
><TR
><TD
WIDTH="33%"
ALIGN="left"
VALIGN="top"
><A
HREF="function.mysql-query.html"
ACCESSKEY="P"
>Anterior</A
></TD
><TD
WIDTH="34%"
ALIGN="center"
VALIGN="top"
><A
HREF="index.html"
ACCESSKEY="H"
>Inicio</A
></TD
><TD
WIDTH="33%"
ALIGN="right"
VALIGN="top"
><A
HREF="function.mysql-result.html"
ACCESSKEY="N"
>Siguiente</A
></TD
></TR
><TR
><TD
WIDTH="33%"
ALIGN="left"
VALIGN="top"
>mysql_query</TD
><TD
WIDTH="34%"
ALIGN="center"
VALIGN="top"
><A
HREF="ref.mysql.html"
ACCESSKEY="U"
>Subir</A
></TD
><TD
WIDTH="33%"
ALIGN="right"
VALIGN="top"
>mysql_result</TD
></TR
></TABLE
></DIV
></BODY
></HTML
>