wpdb::_real_escape( string $string )

Real escape, using mysqli_real_escape_string() or mysql_real_escape_string().

Description

See also

Parameters

$string

(string) (Required) String to escape.

Return

(string) Escaped string.

Source

File: wp-includes/wp-db.php 

function _real_escape( $string ) {
		if ( ! is_scalar( $string ) && ! is_null( $string ) ) {
			return '';
		}

		if ( $this->dbh ) {
			if ( $this->use_mysqli ) {
				$escaped = mysqli_real_escape_string( $this->dbh, $string );
			} else {
				$escaped = mysql_real_escape_string( $string, $this->dbh );
			}
		} else {
			$class = get_class( $this );
			if ( function_exists( '__' ) ) {
				/* translators: %s: Database access abstraction class, usually wpdb or a class extending wpdb. */
				_doing_it_wrong( $class, sprintf( __( '%s must set a database connection for use with escaping.' ), $class ), '3.6.0' );
			} else {
				_doing_it_wrong( $class, sprintf( '%s must set a database connection for use with escaping.', $class ), '3.6.0' );
			}
			$escaped = addslashes( $string );
		}

		return $this->add_placeholder_escape( $escaped );
	}

Uses

Uses Description
wp-includes/wp-db.php: wpdb::add_placeholder_escape()

Adds a placeholder escape string, to escape anything that resembles a printf() placeholder.
wp-includes/l10n.php: __()

Retrieve the translation of $text.
wp-includes/functions.php: _doing_it_wrong()

Mark something as being incorrectly called.

Used By

Used By Description
wp-includes/wp-db.php: wpdb::_escape()

Escapes data. Works on arrays.
wp-includes/wp-db.php: wpdb::escape_by_ref()

Escapes content by reference for insertion into the database, for security.

Changelog

Version Description
2.8.0 Introduced.

© 2003–2021 WordPress Foundation
Licensed under the GNU GPLv2+ License.
https://developer.wordpress.org/reference/classes/wpdb/_real_escape