Jump to content

mssql escape


Recommended Posts

I understand MSSQL uses the ' character to escape - however, the only functions I see built for escaping strings that are going into MSSQL dBs is:


function mssql_escape($str) {
    return str_replace("'", "''", $str);


What about double quotes? Do they need escaped? Do asterisks or anything else need escaped?



Link to comment
Share on other sites


This topic is now archived and is closed to further replies.

  • Create New...

Important Information

We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.