WordPress.org
Get WordPress
WordPress.org

WordPress Developer Resources

wpdb::_real_escape()

wpdb::_real_escape( string $data ): string

In this article

Back to top

Real escape using mysqli_real_escape_string().

Description

See also

Parameters

$datastringrequired
String to escape.

Return

string Escaped string.

Source

public function _real_escape( $data ) {
	if ( ! is_scalar( $data ) ) {
		return '';
	}

	if ( $this->dbh ) {
		$escaped = mysqli_real_escape_string( $this->dbh, $data );
	} else {
		$class = get_class( $this );

		wp_load_translations_early();
		/* translators: %s: Database access abstraction class, usually wpdb or a class extending wpdb. */
		_doing_it_wrong( $class, sprintf( __( '%s must set a database connection for use with escaping.' ), $class ), '3.6.0' );

		$escaped = addslashes( $data );
	}

	return $this->add_placeholder_escape( $escaped );
}

View all references View on Trac View on GitHub

UsesDescription
wpdb::add_placeholder_escape()wp-includes/class-wpdb.php

Adds a placeholder escape string, to escape anything that resembles a printf() placeholder.

wp_load_translations_early()wp-includes/load.php

Attempts an early load of translations.

__()wp-includes/l10n.php

Retrieves the translation of $text.

_doing_it_wrong()wp-includes/functions.php

Marks something as being incorrectly called.

Show 2 moreShow less
Used byDescription
wpdb::_escape()wp-includes/class-wpdb.php

Escapes data. Works on arrays.

wpdb::escape_by_ref()wp-includes/class-wpdb.php

Escapes content by reference for insertion into the database, for security.

wpdb::prepare()wp-includes/class-wpdb.php

Prepares a SQL query for safe execution.

Changelog

VersionDescription
2.8.0Introduced.

User Contributed Notes

You must log in before being able to contribute a note or feedback.