mysql_real_escape_string - escape string by taking into account character set of connection
#include <mysql.h> unsigned long mysql_real_escape_string(MYSQL * mysql, char * to, const char * from, unsigned long);
This function is used to create a legal SQL string that you can use in an SQL statement. The given string is encoded to an escaped SQL string, taking into account the current character set of the connection.
mysql- a mysql handle, which was previously allocated by mysql_init(3) and connected by mysql_real_connect(3).
to- buffer for the encoded string. The size of this buffer must be length * 2 + 1 bytes: in worst case every character of the from string needs to be escaped. Additionally a trailing 0 character will be appended.
from- a string which will be encoded by mysql_real_escape_string().
long- the length of the
Returns the length of the encoded (to) string.