The mysqli_real_escape_string() function is an inbuilt function in PHP which is used to escape all special characters for use in an SQL query. It is used before inserting a string in a database, as it removes any special characters that may interfere with the query operations.
When simple strings are used, there are chances that special characters like backslashes and apostrophes are included in them (especially when they are getting data directly from a form where such data is entered). These are considered to be part of the query string and interfere with its normal functioning.
In the above code, the query fails because the apostrophes are considered as part of the query when it is executed using mysqli_query(). The solution is to use mysqli_real_escape_string() before using the strings in the query.
1 row inserted.
- How to get the function name inside a function in PHP ?
- PHP 5 vs PHP 7
- PHP | Get PHP configuration information using phpinfo()
- PHP | php.ini File Configuration
- How to import config.php file in a PHP script ?
- PHP | imagecreatetruecolor() Function
- PHP | fpassthru( ) Function
- PHP | ImagickDraw getTextAlignment() Function
- PHP | Ds\Sequence last() Function
- PHP | Imagick floodFillPaintImage() Function
- Function to escape regex patterns before applied in PHP
- PHP | array_udiff_uassoc() Function
- PHP | geoip_continent_code_by_name() Function
- PHP | GmagickPixel setcolor() function
- PHP | opendir() Function
- PHP | cal_to_jd() Function
- PHP | stream_get_transports() Function
- PHP | Ds\Deque pop() Function
- PHP | SimpleXMLElement children() Function
- PHP | array_intersect_ukey() Function
If you like GeeksforGeeks and would like to contribute, you can also write an article using contribute.geeksforgeeks.org or mail your article to firstname.lastname@example.org. See your article appearing on the GeeksforGeeks main page and help other Geeks.
Please Improve this article if you find anything incorrect by clicking on the "Improve Article" button below.