Escaping Input
| Database | Escape Character | Notes |
|---|---|---|
| Access 2000 | ' | |
| DB2 8.1 | ' | |
| Firebird 1.5 | ' | |
| FrontBase 4.1 | ' | |
| MySQL 4.0 – 4.1 | ' or \ | |
| Oracle 9.2 | ' | |
| PostgreSQL 7.4 | ' or \ | |
| SQL Server 2000 | ' | |
| SQLite 2.8 | ' | |
| Sybase ASE 12.5 | ' |
Use PEAR::DB's escapeSimple() and quoteSmart() methods on data you're putting into queries.