wpseek.com
Outil de recherche WordPress pour les développeurs et auteurs de thèmes

esc_sql › WordPress Function

Depuis2.8.0

Dépréciéen/a

› esc_sql ( $data )

Paramètres:	(string\|array) $data Unescaped data. Requis: Oui
Retourne:	(string\|array) Escaped data, in the same type as supplied.
Défini(e) dans:	wp-includes/formatting.php , ligne 4465
Codex:	developer.wordpress.org / esc_sql

Escapes data for use in a MySQL query.

Usually you should prepare queries using wpdb::prepare(). Sometimes, spot-escaping is required or useful. One example is preparing an array for use in an IN clause. NOTE: Since 4.8.3, '%' characters will be replaced with a placeholder string, this prevents certain SQLi attacks from taking place. This change in behavior may cause issues for code that expects the return value of esc_sql() to be usable for other purposes.

Fonctions en relation: esc_js, esc_url, esc_xml, esc_html, is_ssl

Source

function esc_sql( $data ) {
	global $wpdb;
	return $wpdb->_escape( $data );
}