Escapes special characters in a string for use in an SQL statement,
taking into account the current charset of the connection
public escape ( $string ) : String | ||
$string | String to escape | |
return | String | escaped |
/** * @param $deleted * @param null $equivclean * @return Query */ public function removeDeletedComputers($deleted, $equivclean = null) { if (is_array($deleted)) { $del = "('"; $del .= join("','", $deleted); $del .= "')"; $query = "DELETE FROM `deleted_equiv` WHERE `DELETED` IN " . $del . " "; } else { $query = "DELETE FROM `deleted_equiv` WHERE `DELETED` = '" . $this->db->escape($deleted) . "' "; } if (empty($equivclean)) { $equiv_clean = " AND (`EQUIVALENT` = '' OR `EQUIVALENT` IS NULL ) "; } else { $equiv_clean = "AND `EQUIVALENT` = '" . $this->db->escape($equivclean) . "'"; } $query .= $equiv_clean; $delete = $this->db->query($query); $res = $delete; return $res; }