SQLStr
Description
Returns the input value in an escaped form so that it can safely be used inside of queries. The returned value is surrounded by quotes unless noQuotes is true. Alias of sql.SQLStr
Do not use this function with external database engines such as
MySQL
. MySQL
and SQLite
use different escape sequences that are incompatible with each other! Escaping strings with inadequate functions is dangerous and will lead to SQL injection vulnerabilities.Arguments
2 boolean noQuotes = false
Set this as
true
, and the function will not wrap the input string in apostrophes.Returns
Page views: 17,910
Updated: This Month
Updated: This Month