Simple way to use mysql sanitizer function in php

17 Sep

In case you don't know it yet, mysql_real_escape_string() is the PHP function that sanitizes a given string for MySQL queries so as to prevent SQL injections.

But it's irritating to use it every time you want to sanitize.
So, let's simplify the burden.

function __($var){
	// Escape $var for use inside a quoted string in a MySQL query
	return mysql_real_escape_string($var);
}

By using this function, you just need to put the $variable inside __():

$sql="SELECT * FROM `new` WHERE title='".__($_POST['title'])."'";
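The mysql_* functions used above were removed in PHP 7.0, and escaping only protects values that are placed inside quotes. As an added example (not code from the original post), here is the same lookup with a PDO prepared statement; the in-memory SQLite DSN, the find_by_title() helper and the sample rows are assumptions made so it runs without a database server.

```php
<?php
// Added example: bound parameters instead of escaping by hand.
// Assumption: in-memory SQLite through PDO so the script runs offline.
// With MySQL only the DSN and credentials change; there you would also
// set PDO::ATTR_EMULATE_PREPARES to false to get server-side prepares.
$pdo = new PDO('sqlite::memory:');
$pdo->setAttribute(PDO::ATTR_ERRMODE, PDO::ERRMODE_EXCEPTION);

// Constructed sample data in a table named like the one in the post.
$pdo->exec('CREATE TABLE `new` (id INTEGER PRIMARY KEY, title TEXT)');
$insert = $pdo->prepare('INSERT INTO `new` (title) VALUES (?)');
foreach (["Hello world", "O'Reilly's notes"] as $t) {
    $insert->execute([$t]);
}

// Hypothetical helper: the equivalent of the post's SELECT.
function find_by_title(PDO $pdo, $title) {
    // The SQL text is fixed; $title is sent as data, so any quotes it
    // contains cannot change the structure of the query.
    $stmt = $pdo->prepare('SELECT id, title FROM `new` WHERE title = :title');
    $stmt->execute([':title' => $title]);
    return $stmt->fetchAll(PDO::FETCH_ASSOC);
}

// Constructed inputs standing in for $_POST['title'].
$inputs = ["Hello world", "O'Reilly's notes", "x' OR '1'='1"];
foreach ($inputs as $title) {
    $rows = find_by_title($pdo, $title);
    printf("%-20s => %d row(s)\n", $title, count($rows));
}
```

A title that contains quotes is matched literally, so it returns only rows whose title is exactly that string.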

Thanks for visiting

