DB.escape.3kaya

Language: en

Version: May 2010 (fedora - 01/12/10)

Section: 3 (Library functions)

NAME

DB::escape - Escape a string to be used as part of a query

SYNOPSIS

String escape( String val )

ARGUMENTS

val The String to escape

DESCRIPTION

Escapes backslashes, apostrophes and quotes in a string to protect against SQL injection attacks. This function should be used only as a last resort - prepared statements using DB.prepare(3kaya) and DB.execPrepared(3kaya) are supported by all database libraries, and are far less prone to human error.

This function will escape Tainted strings, returning an untainted string.
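
Why escaping is the error-prone path, as an added example in Python with SQLite (not Kaya code and not part of the Kaya library): backslash_escape is an assumed backslash-prefix escaper modelled on the description above, and the table and sample values are constructed. SQLite does not treat a backslash as an escape character inside a string literal, so the escaped text either fails to parse or is stored altered, while a bound parameter round-trips unchanged.

```python
import sqlite3

def backslash_escape(val):
    # Assumed escaping style (not Kaya's code): prefix \ ' and " with a backslash.
    return "".join("\\" + ch if ch in "\\'\"" else ch for ch in val)

def roundtrip_escaped(conn, val):
    """Insert val via string concatenation; return what was stored, or None on error."""
    conn.execute("DELETE FROM t")
    try:
        conn.execute("INSERT INTO t(v) VALUES ('" + backslash_escape(val) + "')")
    except sqlite3.Error:
        return None  # the statement no longer parses in this SQL dialect
    return conn.execute("SELECT v FROM t").fetchone()[0]

def roundtrip_bound(conn, val):
    """Insert val as a bound parameter; the value is never parsed as SQL text."""
    conn.execute("DELETE FROM t")
    conn.execute("INSERT INTO t(v) VALUES (?)", (val,))
    return conn.execute("SELECT v FROM t").fetchone()[0]

def compare(samples):
    # Returns (original, stored-after-escaping, stored-after-binding) per sample.
    conn = sqlite3.connect(":memory:")
    conn.execute("CREATE TABLE t(v TEXT)")
    return [(s, roundtrip_escaped(conn, s), roundtrip_bound(conn, s)) for s in samples]

# Constructed sample values: ordinary data, one per character the function escapes.
SAMPLES = ["O'Brien", "C:\\temp", 'say "hi"']

if __name__ == "__main__":
    for original, escaped, bound in compare(SAMPLES):
        print(repr(original), "escaped ->", repr(escaped), "| bound ->", repr(bound))
```

An escaper is only correct for the database dialect it was written for; the bound-parameter path has no such dependency.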

AUTHORS

Kaya standard library by Edwin Brady, Chris Morris and others (kaya@kayalang.org). For further information see http://kayalang.org/

LICENSE

The Kaya standard library is free software; you can redistribute it and/or modify it under the terms of the GNU Lesser General Public License (version 2.1 or any later version) as published by the Free Software Foundation.

Builtins.Tainted(3kaya)