Escaping Input
Database | Escape Character | Notes |
---|---|---|
Access 2000 | ' | |
DB2 8.1 | ' | |
Firebird 1.5 | ' | |
FrontBase 4.1 | ' | |
MySQL 4.0 – 4.1 | ' or \ | |
Oracle 9.2 | ' | |
PostgreSQL 7.4 | ' or \ | |
SQL Server 2000 | ' | |
SQLite 2.8 | ' | |
Sybase ASE 12.5 | ' |
Use PEAR::DB's escapeSimple() and quoteSmart() methods on data you're putting into queries.