- Documentation Library
- Table of Contents
- MySQL 5.0 Manual
- Table of Contents
- 24.2.3 Descripción de funciones de la API C
- 24.2.3.1 mysql_affected_rows()
- 24.2.3.2 mysql_change_user()
- 24.2.3.3 mysql_character_set_name()
- 24.2.3.4 mysql_close()
- 24.2.3.5 mysql_connect()
- 24.2.3.6 mysql_create_db()
- 24.2.3.7 mysql_data_seek()
- 24.2.3.8 mysql_debug()
- 24.2.3.9 mysql_drop_db()
- 24.2.3.10 mysql_dump_debug_info()
- 24.2.3.11 mysql_eof()
- 24.2.3.12 mysql_errno()
- 24.2.3.13 mysql_error()
- 24.2.3.14 mysql_escape_string()
- 24.2.3.15 mysql_fetch_field()
- 24.2.3.16 mysql_fetch_fields()
- 24.2.3.17 mysql_fetch_field_direct()
- 24.2.3.18 mysql_fetch_lengths()
- 24.2.3.19 mysql_fetch_row()
- 24.2.3.20 mysql_field_count()
- 24.2.3.21 mysql_field_seek()
- 24.2.3.22 mysql_field_tell()
- 24.2.3.23 mysql_free_result()
- 24.2.3.24 mysql_get_character_set_info()
- 24.2.3.25 mysql_get_client_info()
- 24.2.3.26 mysql_get_client_version()
- 24.2.3.27 mysql_get_host_info()
- 24.2.3.28 mysql_get_proto_info()
- 24.2.3.29 mysql_get_server_info()
- 24.2.3.30 mysql_get_server_version()
- 24.2.3.31 mysql_hex_string()
- 24.2.3.32 mysql_info()
- 24.2.3.33 mysql_init()
- 24.2.3.34 mysql_insert_id()
- 24.2.3.35 mysql_kill()
- 24.2.3.36 mysql_library_init()
- 24.2.3.37 mysql_library_end()
- 24.2.3.38 mysql_list_dbs()
- 24.2.3.39 mysql_list_fields()
- 24.2.3.40 mysql_list_processes()
- 24.2.3.41 mysql_list_tables()
- 24.2.3.42 mysql_num_fields()
- 24.2.3.43 mysql_num_rows()
- 24.2.3.44 mysql_options()
- 24.2.3.45 mysql_ping()
- 24.2.3.46 mysql_query()
- 24.2.3.47 mysql_real_connect()
- 24.2.3.48 mysql_real_escape_string()
- 24.2.3.49 mysql_real_query()
- 24.2.3.50 mysql_reload()
- 24.2.3.51 mysql_row_seek()
- 24.2.3.52 mysql_row_tell()
- 24.2.3.53 mysql_select_db()
- 24.2.3.54 mysql_set_character_set()
- 24.2.3.55 mysql_set_server_option()
- 24.2.3.56 mysql_shutdown()
- 24.2.3.57 mysql_sqlstate()
- 24.2.3.58 mysql_ssl_set()
- 24.2.3.59 mysql_stat()
- 24.2.3.60 mysql_store_result()
- 24.2.3.61 mysql_thread_id()
- 24.2.3.62 mysql_use_result()
- 24.2.3.63 mysql_warning_count()
- 24.2.3.64 mysql_commit()
- 24.2.3.65 mysql_rollback()
- 24.2.3.66 mysql_autocommit()
- 24.2.3.67 mysql_more_results()
- 24.2.3.68 mysql_next_result()
unsigned long mysql_real_escape_string(MYSQL *mysql,
char *to, const char *from, unsigned long length)
Note that mysql must be a valid, open
connection. This is needed because the escaping depends on the
character set in use by the server.
Description
This function is used to create a legal SQL string that you can use in a SQL statement. See Sección 9.1.1, “Cadenas de caracteres”.
The string in from is encoded to an escaped
SQL string, taking into account the current character set of
the connection. The result is placed in to
and a terminating null byte is appended. Characters encoded
are NUL (ASCII 0), '\n',
'\r', '\',
''', '"', and Control-Z
(see Sección 9.1, “Valores literales”). (Strictly speaking, MySQL
requires only that backslash and the quote character used to
quote the string in the query be escaped. This function quotes
the other characters to make them easier to read in log
files.)
The string pointed to by from must be
length bytes long. You must allocate the
to buffer to be at least
length*2+1 bytes long. (In the worst case,
each character may need to be encoded as using two bytes, and
you need room for the terminating null byte.) When
mysql_real_escape_string() returns, the
contents of to is a null-terminated string.
The return value is the length of the encoded string, not
including the terminating null character.
If you need to change the character set of the connection, you
should use the mysql_set_character_set()
function rather than executing a SET NAMES
(or SET CHARACTER SET) statement.
mysql_set_character_set() works like
SET NAMES but also affects the character
set used by mysql_real_escape_string(),
which SET NAMES does not.
Example
char query[1000],*end;
end = strmov(query,"INSERT INTO test_table values(");
*end++ = '\'';
end += mysql_real_escape_string(&mysql, end,"What's this",11);
*end++ = '\'';
*end++ = ',';
*end++ = '\'';
end += mysql_real_escape_string(&mysql, end,"binary data: \0\r\n",16);
*end++ = '\'';
*end++ = ')';
if (mysql_real_query(&mysql,query,(unsigned int) (end - query)))
{
fprintf(stderr, "Failed to insert row, Error: %s\n",
mysql_error(&mysql));
}
The strmov() function used in the example
is included in the mysqlclient library and
works like strcpy() but returns a pointer
to the terminating null of the first parameter.
Return Values
The length of the value placed into to, not
including the terminating null character.
Errors
None.
Ésta es una traducción del manual de referencia de MySQL, que puede encontrarse en dev.mysql.com. El manual de referencia original de MySQL está escrito en inglés, y esta traducción no necesariamente está tan actualizada como la versión original. Para cualquier sugerencia sobre la traducción y para señalar errores de cualquier tipo, no dude en dirigirse a mysql-es@vespito.com.
