Eine auf WordPress spezialiserte Suchmaschine für Entwickler und Theme-Autoren



esc_sql ›

Seit2.8.0
Veraltetn/v
esc_sql ( $data )
Parameter:
  • (string|array) $data Unescaped data
    Erforderlich: Ja
Gibt zurück:
  • (string|array) Escaped data
Definiert in:
Codex:

Escapes data for use in a MySQL query.

Usually you should prepare queries using wpdb::prepare(). Sometimes, spot-escaping is required or useful. One example is preparing an array for use in an IN clause.

NOTE: Since 4.8.3, '%' characters will be replaced with a placeholder string, this prevents certain SQLi attacks from taking place. This change in behaviour may cause issues for code that expects the return value of esc_sql() to be useable for other purposes.



Ähnliche Funktionen: esc_js, esc_url, esc_html, is_ssl, esc_html__

Quellcode

function esc_sql( $data ) {
	global $wpdb;
	return $wpdb->_escape( $data );
}