<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd"> <HTML ><HEAD ><TITLE >mysql_escape_string</TITLE ><META NAME="GENERATOR" CONTENT="Modular DocBook HTML Stylesheet Version 1.79"><LINK REL="HOME" TITLE="Manual do PHP" HREF="index.html"><LINK REL="UP" TITLE="Funções do MySQL" HREF="ref.mysql.html"><LINK REL="PREVIOUS" TITLE="mysql_error" HREF="function.mysql-error.html"><LINK REL="NEXT" TITLE="mysql_fetch_array" HREF="function.mysql-fetch-array.html"><META HTTP-EQUIV="Content-type" CONTENT="text/html; charset=UTF-8"></HEAD ><BODY CLASS="refentry" BGCOLOR="#FFFFFF" TEXT="#000000" LINK="#0000FF" VLINK="#840084" ALINK="#0000FF" ><DIV CLASS="NAVHEADER" ><TABLE SUMMARY="Header navigation table" WIDTH="100%" BORDER="0" CELLPADDING="0" CELLSPACING="0" ><TR ><TH COLSPAN="3" ALIGN="center" >Manual do PHP</TH ></TR ><TR ><TD WIDTH="10%" ALIGN="left" VALIGN="bottom" ><A HREF="function.mysql-error.html" ACCESSKEY="P" >Anterior</A ></TD ><TD WIDTH="80%" ALIGN="center" VALIGN="bottom" ></TD ><TD WIDTH="10%" ALIGN="right" VALIGN="bottom" ><A HREF="function.mysql-fetch-array.html" ACCESSKEY="N" >Próxima</A ></TD ></TR ></TABLE ><HR ALIGN="LEFT" WIDTH="100%"></DIV ><H1 ><A NAME="function.mysql-escape-string" ></A >mysql_escape_string</H1 ><DIV CLASS="refnamediv" ><A NAME="AEN130011" ></A ><P > (PHP 4 >= 4.0.3, PHP 5)</P >mysql_escape_string -- Escapa uma string para usar em uma consulta MySQL</DIV ><DIV CLASS="refsect1" ><A NAME="AEN130014" ></A ><H2 >Descrição</H2 >string <B CLASS="methodname" >mysql_escape_string</B > ( string unescaped_string )<BR ></BR ><P > This function will escape the <CODE CLASS="parameter" >unescaped_string</CODE >, so that it is safe to place it in a <A HREF="function.mysql-query.html" ><B CLASS="function" >mysql_query()</B ></A >. This function is deprecated. </P ><P > This function is identical to <A HREF="function.mysql-real-escape-string.html" ><B CLASS="function" >mysql_real_escape_string()</B ></A > except that <A HREF="function.mysql-real-escape-string.html" ><B CLASS="function" >mysql_real_escape_string()</B ></A > takes a connection handler and escapes the string according to the current character set. <B CLASS="function" >mysql_escape_string()</B > does not take a connection argument and does not respect the current charset setting. </P ></DIV ><DIV CLASS="refsect1" ><A NAME="AEN130029" ></A ><H2 >Parâmetros</H2 ><P > <P ></P ><DIV CLASS="variablelist" ><DL ><DT ><CODE CLASS="parameter" >unescaped_string</CODE ></DT ><DD ><P > The string that is to be escaped. </P ></DD ></DL ></DIV > </P ></DIV ><DIV CLASS="refsect1" ><A NAME="AEN130038" ></A ><H2 >Valores de retornado</H2 ><P > Returns the escaped string. </P ></DIV ><DIV CLASS="refsect1" ><A NAME="AEN130041" ></A ><H2 >Histórico</H2 ><P > <DIV CLASS="informaltable" ><P ></P ><A NAME="AEN130044" ></A ><TABLE BORDER="1" CLASS="CALSTABLE" ><COL><COL><THEAD ><TR ><TH >Versão</TH ><TH >Descrição</TH ></TR ></THEAD ><TBODY ><TR ><TD >4.3.0</TD ><TD > This function became deprecated, do not use this function. Instead, use <A HREF="function.mysql-real-escape-string.html" ><B CLASS="function" >mysql_real_escape_string()</B ></A >. </TD ></TR ></TBODY ></TABLE ><P ></P ></DIV > </P ></DIV ><DIV CLASS="refsect1" ><A NAME="AEN130055" ></A ><H2 >Exemplos</H2 ><P > <TABLE WIDTH="100%" BORDER="0" CELLPADDING="0" CELLSPACING="0" CLASS="EXAMPLE" ><TR ><TD ><DIV CLASS="example" ><A NAME="AEN130058" ></A ><P ><B >Exemplo 1. <B CLASS="function" >mysql_escape_string()</B > example</B ></P ><TABLE BORDER="0" BGCOLOR="#E0E0E0" CELLPADDING="5" ><TR ><TD ><code><font color="#000000"> <font color="#0000BB"><?php<br />$item </font><font color="#007700">= </font><font color="#DD0000">"Zak's Laptop"</font><font color="#007700">;<br /></font><font color="#0000BB">$escaped_item </font><font color="#007700">= </font><font color="#0000BB">mysql_escape_string</font><font color="#007700">(</font><font color="#0000BB">$item</font><font color="#007700">);<br /></font><font color="#0000BB">printf</font><font color="#007700">(</font><font color="#DD0000">"Escaped string: %s\n"</font><font color="#007700">, </font><font color="#0000BB">$escaped_item</font><font color="#007700">);<br /></font><font color="#0000BB">?></font> </font> </code></TD ></TR ></TABLE ><P >O exemplo acima irá imprimir:</P ><TABLE BORDER="0" BGCOLOR="#E0E0E0" CELLPADDING="5" ><TR ><TD ><PRE CLASS="screen" >Escaped string: Zak\'s Laptop</PRE ></TD ></TR ></TABLE ></DIV ></TD ></TR ></TABLE > </P ></DIV ><DIV CLASS="refsect1" ><A NAME="AEN130064" ></A ><H2 >Notas</H2 ><DIV CLASS="note" ><BLOCKQUOTE CLASS="note" ><P ><B >Nota: </B > <B CLASS="function" >mysql_escape_string()</B > does not escape <TT CLASS="literal" >%</TT > and <TT CLASS="literal" >_</TT >. </P ></BLOCKQUOTE ></DIV ></DIV ><DIV CLASS="refsect1" ><A NAME="AEN130071" ></A ><H2 >Veja também</H2 ><P > <P ></P ><TABLE BORDER="0" ><TBODY ><TR ><TD ><A HREF="function.mysql-real-escape-string.html" ><B CLASS="function" >mysql_real_escape_string()</B ></A ></TD ></TR ><TR ><TD ><A HREF="function.addslashes.html" ><B CLASS="function" >addslashes()</B ></A ></TD ></TR ><TR ><TD >The <A HREF="ref.info.html#ini.magic-quotes-gpc" >magic_quotes_gpc</A > directive.</TD ></TR ></TBODY ></TABLE ><P ></P > </P ></DIV ><DIV CLASS="NAVFOOTER" ><HR ALIGN="LEFT" WIDTH="100%"><TABLE SUMMARY="Footer navigation table" WIDTH="100%" BORDER="0" CELLPADDING="0" CELLSPACING="0" ><TR ><TD WIDTH="33%" ALIGN="left" VALIGN="top" ><A HREF="function.mysql-error.html" ACCESSKEY="P" >Anterior</A ></TD ><TD WIDTH="34%" ALIGN="center" VALIGN="top" ><A HREF="index.html" ACCESSKEY="H" >Principal</A ></TD ><TD WIDTH="33%" ALIGN="right" VALIGN="top" ><A HREF="function.mysql-fetch-array.html" ACCESSKEY="N" >Próxima</A ></TD ></TR ><TR ><TD WIDTH="33%" ALIGN="left" VALIGN="top" >mysql_error</TD ><TD WIDTH="34%" ALIGN="center" VALIGN="top" ><A HREF="ref.mysql.html" ACCESSKEY="U" >Acima</A ></TD ><TD WIDTH="33%" ALIGN="right" VALIGN="top" >mysql_fetch_array</TD ></TR ></TABLE ></DIV ></BODY ></HTML >