/**
 * Turns a value into a single-quoted SQL string literal.
 *
 * The value is passed through the database instance's sanitize() method and
 * wrapped in single quotes. When Database::getAutoEscape() is on, the value is
 * HTML-encoded with htmlspecialchars(ENT_QUOTES, 'UTF-8') before sanitize()
 * sees it.
 *
 * NOTE(review): HTML encoding and SQL escaping protect different contexts.
 * With auto escape on, the HTML-encoded form is what reaches the query, so
 * stored or compared text is the encoded text, and rendering code still has to
 * escape for its own context (attribute, script, URL). ENT_SUBSTITUTE is not
 * set, so htmlspecialchars() returns an empty string for input that is not
 * valid UTF-8.
 *
 * NOTE(review): sanitize() is the only SQL-escaping step on this path and its
 * implementation is not visible here; confirm it uses the connection's own
 * escaping routine, or move callers to bound parameters.
 *
 * @param string $variable Not read by this method.
 * @param mixed $value The raw value to quote.
 * @return string The escaped value wrapped in single quotes.
 * @throws \Queryer\Exception\DatabaseException
 */
private static function processString($variable, $value)
{
    // The database instance is fetched first; its sanitize() does the SQL escaping.
    $connection = self::getDatabaseInstance();

    // Auto escape adds an HTML-encoding pass ahead of the SQL escaping.
    $prepared = Database::getAutoEscape()
        ? htmlspecialchars($value, ENT_QUOTES, 'UTF-8')
        : $value;

    return '\'' . $connection->sanitize($prepared) . '\'';
}
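/**
 * Tests to ensure setting the auto escape option works.
 *
 * The option is static state on Database, so it is reset before the
 * assertion runs. A failing assertion then cannot leave auto escape switched
 * on for later tests, which would change the escaping they observe.
 */
public function testSetAutoEscape()
{
    Database::setAutoEscape(true);
    $enabled = Database::getAutoEscape();

    // Set it back to the default before asserting, so a failure does not leak state.
    Database::setAutoEscape(false);

    $this->assertTrue($enabled);
}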