string->encodeSql
Escapes a string for MySQL string literals.
Target
Signature
1string->encodeSql()Escapes a string for MySQL string literals.
string->encodeSql is called with member syntax on a receiver value. string->encodeSql works with text values. Normalize input at boundaries, escape at output boundaries, and keep encoding calls close to the place where the encoded text is needed.
Examples
Basic call
1string(web_request->param('name'))->encodeSqlThe example shows the receiver and result shape. In templates, apply escaping at the final output boundary.