{"id":8797,"date":"2024-03-14T08:40:44","date_gmt":"2024-03-14T08:40:44","guid":{"rendered":"https:\/\/www.silicloud.com\/blog\/what-is-the-usage-of-mysql-escape\/"},"modified":"2025-08-03T09:45:35","modified_gmt":"2025-08-03T09:45:35","slug":"what-is-the-usage-of-mysql-escape","status":"publish","type":"post","link":"https:\/\/www.silicloud.com\/blog\/what-is-the-usage-of-mysql-escape\/","title":{"rendered":"MySQL Escape: Prevent SQL Injection"},"content":{"rendered":"<p>In MySQL, you can use the mysql_real_escape_string() function to escape strings and prevent SQL injection attacks. This function escapes special characters (such as single quotes, double quotes, backslashes, etc) so that they can be correctly recognized in SQL statements without being misunderstood as part of the SQL statement. Here is a simple example:<\/p>\n<pre class=\"post-pre\"><code><span class=\"hljs-meta\">&lt;?php<\/span>\r\n<span class=\"hljs-comment\">\/\/ \u8fde\u63a5\u5230\u6570\u636e\u5e93<\/span>\r\n<span class=\"hljs-variable\">$link<\/span> = <span class=\"hljs-title function_ invoke__\">mysql_connect<\/span>(<span class=\"hljs-string\">'localhost'<\/span>, <span class=\"hljs-string\">'root'<\/span>, <span class=\"hljs-string\">'password'<\/span>);\r\n<span class=\"hljs-title function_ invoke__\">mysql_select_db<\/span>(<span class=\"hljs-string\">'my_database'<\/span>, <span class=\"hljs-variable\">$link<\/span>);\r\n\r\n<span class=\"hljs-comment\">\/\/ \u9700\u8981\u8f6c\u4e49\u7684\u5b57\u7b26\u4e32<\/span>\r\n<span class=\"hljs-variable\">$string<\/span> = <span class=\"hljs-string\">\"It's a test\"<\/span>;\r\n\r\n<span class=\"hljs-comment\">\/\/ \u8fdb\u884c\u8f6c\u4e49<\/span>\r\n<span class=\"hljs-variable\">$escaped_string<\/span> = <span class=\"hljs-title function_ invoke__\">mysql_real_escape_string<\/span>(<span class=\"hljs-variable\">$string<\/span>);\r\n\r\n<span class=\"hljs-comment\">\/\/ \u6784\u5efaSQL\u67e5\u8be2\u8bed\u53e5<\/span>\r\n<span class=\"hljs-variable\">$query<\/span> = <span class=\"hljs-string\">\"INSERT INTO my_table (my_column) VALUES ('<span class=\"hljs-subst\">$escaped_string<\/span>')\"<\/span>;\r\n\r\n<span class=\"hljs-comment\">\/\/ \u6267\u884c\u67e5\u8be2<\/span>\r\n<span class=\"hljs-title function_ invoke__\">mysql_query<\/span>(<span class=\"hljs-variable\">$query<\/span>, <span class=\"hljs-variable\">$link<\/span>);\r\n\r\n<span class=\"hljs-comment\">\/\/ \u5173\u95ed\u6570\u636e\u5e93\u8fde\u63a5<\/span>\r\n<span class=\"hljs-title function_ invoke__\">mysql_close<\/span>(<span class=\"hljs-variable\">$link<\/span>);\r\n<span class=\"hljs-meta\">?&gt;<\/span>\r\n<\/code><\/pre>\n<p>In the example above, the mysql_real_escape_string() function is used to escape the string &#8220;It\u2019s a test&#8221; before inserting it into the database. This prevents SQL syntax errors or SQL injection attacks. It is recommended to use mysql_real_escape_string() when building SQL statements with user input data.<\/p>\n","protected":false},"excerpt":{"rendered":"<p>In MySQL, you can use the mysql_real_escape_string() function to escape strings and prevent SQL injection attacks. This function escapes special characters (such as single quotes, double quotes, backslashes, etc) so that they can be correctly recognized in SQL statements without being misunderstood as part of the SQL statement. Here is a simple example: &lt;?php \/\/ [&hellip;]<\/p>\n","protected":false},"author":11,"featured_media":0,"comment_status":"closed","ping_status":"closed","sticky":false,"template":"","format":"standard","meta":{"_import_markdown_pro_load_document_selector":0,"_import_markdown_pro_submit_text_textarea":"","footnotes":""},"categories":[1],"tags":[2151,11993,11994,854,2484],"class_list":["post-8797","post","type-post","status-publish","format-standard","hentry","category-uncategorized","tag-database-security","tag-mysql-escape","tag-mysql_real_escape_string","tag-php-security","tag-sql-injection"],"yoast_head":"<!-- This site is optimized with the Yoast SEO Premium plugin v21.5 (Yoast SEO v21.5) - https:\/\/yoast.com\/wordpress\/plugins\/seo\/ -->\n<title>MySQL Escape: Prevent SQL Injection - Blog - Silicon Cloud<\/title>\n<meta name=\"description\" content=\"Secure your PHP database queries! Learn how MySQL escape string function prevents SQL injection attacks.\" \/>\n<meta name=\"robots\" content=\"index, follow, max-snippet:-1, max-image-preview:large, max-video-preview:-1\" \/>\n<link rel=\"canonical\" href=\"https:\/\/www.silicloud.com\/blog\/what-is-the-usage-of-mysql-escape\/\" \/>\n<meta property=\"og:locale\" content=\"en_US\" \/>\n<meta property=\"og:type\" content=\"article\" \/>\n<meta property=\"og:title\" content=\"MySQL Escape: Prevent SQL Injection\" \/>\n<meta property=\"og:description\" content=\"Secure your PHP database queries! Learn how MySQL escape string function prevents SQL injection attacks.\" \/>\n<meta property=\"og:url\" content=\"https:\/\/www.silicloud.com\/blog\/what-is-the-usage-of-mysql-escape\/\" \/>\n<meta property=\"og:site_name\" content=\"Blog - Silicon Cloud\" \/>\n<meta property=\"article:publisher\" content=\"https:\/\/www.facebook.com\/SiliCloudGlobal\/\" \/>\n<meta property=\"article:published_time\" content=\"2024-03-14T08:40:44+00:00\" \/>\n<meta property=\"article:modified_time\" content=\"2025-08-03T09:45:35+00:00\" \/>\n<meta name=\"author\" content=\"Olivia Parker\" \/>\n<meta name=\"twitter:card\" content=\"summary_large_image\" \/>\n<meta name=\"twitter:creator\" content=\"@SiliCloudGlobal\" \/>\n<meta name=\"twitter:site\" content=\"@SiliCloudGlobal\" \/>\n<meta name=\"twitter:label1\" content=\"Written by\" \/>\n\t<meta name=\"twitter:data1\" content=\"Olivia Parker\" \/>\n\t<meta name=\"twitter:label2\" content=\"Est. reading time\" \/>\n\t<meta name=\"twitter:data2\" content=\"1 minute\" \/>\n<script type=\"application\/ld+json\" class=\"yoast-schema-graph\">{\"@context\":\"https:\/\/schema.org\",\"@graph\":[{\"@type\":\"Article\",\"@id\":\"https:\/\/www.silicloud.com\/blog\/what-is-the-usage-of-mysql-escape\/#article\",\"isPartOf\":{\"@id\":\"https:\/\/www.silicloud.com\/blog\/what-is-the-usage-of-mysql-escape\/\"},\"author\":{\"name\":\"Olivia Parker\",\"@id\":\"https:\/\/www.silicloud.com\/blog\/#\/schema\/person\/3ff7b3da0e45ac5dbbef2502f3cea8d9\"},\"headline\":\"MySQL Escape: Prevent SQL Injection\",\"datePublished\":\"2024-03-14T08:40:44+00:00\",\"dateModified\":\"2025-08-03T09:45:35+00:00\",\"mainEntityOfPage\":{\"@id\":\"https:\/\/www.silicloud.com\/blog\/what-is-the-usage-of-mysql-escape\/\"},\"wordCount\":113,\"publisher\":{\"@id\":\"https:\/\/www.silicloud.com\/blog\/#organization\"},\"keywords\":[\"database security\",\"mysql escape\",\"mysql_real_escape_string\",\"PHP security\",\"SQL injection\"],\"inLanguage\":\"en-US\"},{\"@type\":\"WebPage\",\"@id\":\"https:\/\/www.silicloud.com\/blog\/what-is-the-usage-of-mysql-escape\/\",\"url\":\"https:\/\/www.silicloud.com\/blog\/what-is-the-usage-of-mysql-escape\/\",\"name\":\"MySQL Escape: Prevent SQL Injection - Blog - Silicon Cloud\",\"isPartOf\":{\"@id\":\"https:\/\/www.silicloud.com\/blog\/#website\"},\"datePublished\":\"2024-03-14T08:40:44+00:00\",\"dateModified\":\"2025-08-03T09:45:35+00:00\",\"description\":\"Secure your PHP database queries! Learn how MySQL escape string function prevents SQL injection attacks.\",\"breadcrumb\":{\"@id\":\"https:\/\/www.silicloud.com\/blog\/what-is-the-usage-of-mysql-escape\/#breadcrumb\"},\"inLanguage\":\"en-US\",\"potentialAction\":[{\"@type\":\"ReadAction\",\"target\":[\"https:\/\/www.silicloud.com\/blog\/what-is-the-usage-of-mysql-escape\/\"]}]},{\"@type\":\"BreadcrumbList\",\"@id\":\"https:\/\/www.silicloud.com\/blog\/what-is-the-usage-of-mysql-escape\/#breadcrumb\",\"itemListElement\":[{\"@type\":\"ListItem\",\"position\":1,\"name\":\"Home\",\"item\":\"https:\/\/www.silicloud.com\/blog\/\"},{\"@type\":\"ListItem\",\"position\":2,\"name\":\"MySQL Escape: Prevent SQL Injection\"}]},{\"@type\":\"WebSite\",\"@id\":\"https:\/\/www.silicloud.com\/blog\/#website\",\"url\":\"https:\/\/www.silicloud.com\/blog\/\",\"name\":\"Silicon Cloud Blog\",\"description\":\"\",\"publisher\":{\"@id\":\"https:\/\/www.silicloud.com\/blog\/#organization\"},\"inLanguage\":\"en-US\"},{\"@type\":\"Organization\",\"@id\":\"https:\/\/www.silicloud.com\/blog\/#organization\",\"name\":\"Silicon Cloud Blog\",\"url\":\"https:\/\/www.silicloud.com\/blog\/\",\"logo\":{\"@type\":\"ImageObject\",\"inLanguage\":\"en-US\",\"@id\":\"https:\/\/www.silicloud.com\/blog\/#\/schema\/logo\/image\/\",\"url\":\"https:\/\/www.silicloud.com\/blog\/wp-content\/uploads\/2023\/11\/EN-SILICON-Full.png\",\"contentUrl\":\"https:\/\/www.silicloud.com\/blog\/wp-content\/uploads\/2023\/11\/EN-SILICON-Full.png\",\"width\":1024,\"height\":1024,\"caption\":\"Silicon Cloud Blog\"},\"image\":{\"@id\":\"https:\/\/www.silicloud.com\/blog\/#\/schema\/logo\/image\/\"},\"sameAs\":[\"https:\/\/www.facebook.com\/SiliCloudGlobal\/\",\"https:\/\/twitter.com\/SiliCloudGlobal\"]},{\"@type\":\"Person\",\"@id\":\"https:\/\/www.silicloud.com\/blog\/#\/schema\/person\/3ff7b3da0e45ac5dbbef2502f3cea8d9\",\"name\":\"Olivia Parker\",\"image\":{\"@type\":\"ImageObject\",\"inLanguage\":\"en-US\",\"@id\":\"https:\/\/www.silicloud.com\/blog\/#\/schema\/person\/image\/\",\"url\":\"https:\/\/secure.gravatar.com\/avatar\/56c66f189ba32a6f9eb50f31a38fe774e2a725c213d4070835ccc51b8fbbc54b?s=96&d=mm&r=g\",\"contentUrl\":\"https:\/\/secure.gravatar.com\/avatar\/56c66f189ba32a6f9eb50f31a38fe774e2a725c213d4070835ccc51b8fbbc54b?s=96&d=mm&r=g\",\"caption\":\"Olivia Parker\"},\"url\":\"https:\/\/www.silicloud.com\/blog\/author\/oliviaparker\/\"}]}<\/script>\n<!-- \/ Yoast SEO Premium plugin. -->","yoast_head_json":{"title":"MySQL Escape: Prevent SQL Injection - Blog - Silicon Cloud","description":"Secure your PHP database queries! Learn how MySQL escape string function prevents SQL injection attacks.","robots":{"index":"index","follow":"follow","max-snippet":"max-snippet:-1","max-image-preview":"max-image-preview:large","max-video-preview":"max-video-preview:-1"},"canonical":"https:\/\/www.silicloud.com\/blog\/what-is-the-usage-of-mysql-escape\/","og_locale":"en_US","og_type":"article","og_title":"MySQL Escape: Prevent SQL Injection","og_description":"Secure your PHP database queries! Learn how MySQL escape string function prevents SQL injection attacks.","og_url":"https:\/\/www.silicloud.com\/blog\/what-is-the-usage-of-mysql-escape\/","og_site_name":"Blog - Silicon Cloud","article_publisher":"https:\/\/www.facebook.com\/SiliCloudGlobal\/","article_published_time":"2024-03-14T08:40:44+00:00","article_modified_time":"2025-08-03T09:45:35+00:00","author":"Olivia Parker","twitter_card":"summary_large_image","twitter_creator":"@SiliCloudGlobal","twitter_site":"@SiliCloudGlobal","twitter_misc":{"Written by":"Olivia Parker","Est. reading time":"1 minute"},"schema":{"@context":"https:\/\/schema.org","@graph":[{"@type":"Article","@id":"https:\/\/www.silicloud.com\/blog\/what-is-the-usage-of-mysql-escape\/#article","isPartOf":{"@id":"https:\/\/www.silicloud.com\/blog\/what-is-the-usage-of-mysql-escape\/"},"author":{"name":"Olivia Parker","@id":"https:\/\/www.silicloud.com\/blog\/#\/schema\/person\/3ff7b3da0e45ac5dbbef2502f3cea8d9"},"headline":"MySQL Escape: Prevent SQL Injection","datePublished":"2024-03-14T08:40:44+00:00","dateModified":"2025-08-03T09:45:35+00:00","mainEntityOfPage":{"@id":"https:\/\/www.silicloud.com\/blog\/what-is-the-usage-of-mysql-escape\/"},"wordCount":113,"publisher":{"@id":"https:\/\/www.silicloud.com\/blog\/#organization"},"keywords":["database security","mysql escape","mysql_real_escape_string","PHP security","SQL injection"],"inLanguage":"en-US"},{"@type":"WebPage","@id":"https:\/\/www.silicloud.com\/blog\/what-is-the-usage-of-mysql-escape\/","url":"https:\/\/www.silicloud.com\/blog\/what-is-the-usage-of-mysql-escape\/","name":"MySQL Escape: Prevent SQL Injection - Blog - Silicon Cloud","isPartOf":{"@id":"https:\/\/www.silicloud.com\/blog\/#website"},"datePublished":"2024-03-14T08:40:44+00:00","dateModified":"2025-08-03T09:45:35+00:00","description":"Secure your PHP database queries! Learn how MySQL escape string function prevents SQL injection attacks.","breadcrumb":{"@id":"https:\/\/www.silicloud.com\/blog\/what-is-the-usage-of-mysql-escape\/#breadcrumb"},"inLanguage":"en-US","potentialAction":[{"@type":"ReadAction","target":["https:\/\/www.silicloud.com\/blog\/what-is-the-usage-of-mysql-escape\/"]}]},{"@type":"BreadcrumbList","@id":"https:\/\/www.silicloud.com\/blog\/what-is-the-usage-of-mysql-escape\/#breadcrumb","itemListElement":[{"@type":"ListItem","position":1,"name":"Home","item":"https:\/\/www.silicloud.com\/blog\/"},{"@type":"ListItem","position":2,"name":"MySQL Escape: Prevent SQL Injection"}]},{"@type":"WebSite","@id":"https:\/\/www.silicloud.com\/blog\/#website","url":"https:\/\/www.silicloud.com\/blog\/","name":"Silicon Cloud Blog","description":"","publisher":{"@id":"https:\/\/www.silicloud.com\/blog\/#organization"},"inLanguage":"en-US"},{"@type":"Organization","@id":"https:\/\/www.silicloud.com\/blog\/#organization","name":"Silicon Cloud Blog","url":"https:\/\/www.silicloud.com\/blog\/","logo":{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/www.silicloud.com\/blog\/#\/schema\/logo\/image\/","url":"https:\/\/www.silicloud.com\/blog\/wp-content\/uploads\/2023\/11\/EN-SILICON-Full.png","contentUrl":"https:\/\/www.silicloud.com\/blog\/wp-content\/uploads\/2023\/11\/EN-SILICON-Full.png","width":1024,"height":1024,"caption":"Silicon Cloud Blog"},"image":{"@id":"https:\/\/www.silicloud.com\/blog\/#\/schema\/logo\/image\/"},"sameAs":["https:\/\/www.facebook.com\/SiliCloudGlobal\/","https:\/\/twitter.com\/SiliCloudGlobal"]},{"@type":"Person","@id":"https:\/\/www.silicloud.com\/blog\/#\/schema\/person\/3ff7b3da0e45ac5dbbef2502f3cea8d9","name":"Olivia Parker","image":{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/www.silicloud.com\/blog\/#\/schema\/person\/image\/","url":"https:\/\/secure.gravatar.com\/avatar\/56c66f189ba32a6f9eb50f31a38fe774e2a725c213d4070835ccc51b8fbbc54b?s=96&d=mm&r=g","contentUrl":"https:\/\/secure.gravatar.com\/avatar\/56c66f189ba32a6f9eb50f31a38fe774e2a725c213d4070835ccc51b8fbbc54b?s=96&d=mm&r=g","caption":"Olivia Parker"},"url":"https:\/\/www.silicloud.com\/blog\/author\/oliviaparker\/"}]}},"_links":{"self":[{"href":"https:\/\/www.silicloud.com\/blog\/wp-json\/wp\/v2\/posts\/8797","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/www.silicloud.com\/blog\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/www.silicloud.com\/blog\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/www.silicloud.com\/blog\/wp-json\/wp\/v2\/users\/11"}],"replies":[{"embeddable":true,"href":"https:\/\/www.silicloud.com\/blog\/wp-json\/wp\/v2\/comments?post=8797"}],"version-history":[{"count":2,"href":"https:\/\/www.silicloud.com\/blog\/wp-json\/wp\/v2\/posts\/8797\/revisions"}],"predecessor-version":[{"id":153623,"href":"https:\/\/www.silicloud.com\/blog\/wp-json\/wp\/v2\/posts\/8797\/revisions\/153623"}],"wp:attachment":[{"href":"https:\/\/www.silicloud.com\/blog\/wp-json\/wp\/v2\/media?parent=8797"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/www.silicloud.com\/blog\/wp-json\/wp\/v2\/categories?post=8797"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/www.silicloud.com\/blog\/wp-json\/wp\/v2\/tags?post=8797"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}