/**
* Sanitizes a string.
*
* @param string $variable
* @param mixed $value
* @return string
* @throws \Queryer\Exception\DatabaseException
*/
private static function processString($variable, $value)
{
// For this one, we need to get the Database.
$db = self::getDatabaseInstance();
if (!Database::getAutoEscape()) {
return '\'' . $db->sanitize($value) . '\'';
}
return '\'' . $db->sanitize(htmlspecialchars($value, ENT_QUOTES, 'UTF-8')) . '\'';
}
/**
* Tests to ensure setting the auto escape option works.
*/
public function testSetAutoEscape()
{
Database::setAutoEscape(true);
$this->assertTrue(Database::getAutoEscape());
// Set it back to the default.
Database::setAutoEscape(false);
}
