esc_sql
Escapes data for use in a MySQL query.
Description
(string|array) esc_sql( (string|array) $data );
Usually you should prepare queries using wpdb
::prepare(…). Sometimes, spot-escaping is required or useful. One example is preparing an array for use in an IN clause.
Returns (string|array)
Escaped data
Parameters (1)
- 0. $data (string|array)
- Unescaped data
Usage
if ( !function_exists( 'esc_sql' ) ) { require_once ABSPATH . WPINC . '/formatting.php'; } // Unescaped data $data = null; // NOTICE! Understand what this does before running. $result = esc_sql($data);
Defined (1)
The function is defined in the following location(s).
- /wp-includes/formatting.php
- function esc_sql( $data ) {
- global $wpdb;
- return $wpdb->_escape( $data );
- }