Domi
Reputation: 24548
Does MySQL have built-in escaping functionality?
I am now using my 100th (ok, exaggerated) language&framework combination with MySQL. It seems almost silly, and also very risky, to me that every single one of these tools provides their own escaping functionality. Does MySQL (or other SQL solutions) not offer that themselves? What if there is a little bug in one such customized escape functions? Why should we have to trust third party providers to get it right?
Upvotes: 0
Views: 45
Answers (1)
Gumbo
Reputation: 655319
MySQL has connectors and APIs including functions like mysql_real_escape_string and programming languages are just adapting them.
Upvotes: 1
Related Questions
- What does it mean to escape a string?
- What characters have to be escaped to prevent (My)SQL injections?
- MySQL real escape - Own escape - o to ö?
- Any builtin function in mysql to sanitise string variables
- How to mysql escape in magento?
- Does mysql_escape_string() make sql injection impossible?
- Escape MySQL PHP
- automatically escape data in queries
- How to know when escape is necessary for MySQL
- Escaping only what is necessary, is that possible?