addslashes php
The real_escape_string() / mysqli_real_escape_string() function escapes special characters in a string for use in an SQL query, taking into account the current character set of the connection.
Object oriented style:
$mysqli -> real_escape_string(escapestring)
$mysqli = new mysqli("localhost","my_user","my_password","my_db");
// Escape special characters, if any
$firstname = $mysqli -> real_escape_string($_POST['firstname']);
$lastname = $mysqli -> real_escape_string($_POST['lastname']);
$age = $mysqli -> real_escape_string($_POST['age']);
Procedural style:
mysqli_real_escape_string(connection, escapestring)
$con = mysqli_connect("localhost","my_user","my_password","my_db");
// Escape special characters, if any
$firstname = mysqli_real_escape_string($con, $_POST['firstname']);
$lastname = mysqli_real_escape_string($con, $_POST['lastname']);
$age = mysqli_real_escape_string($con, $_POST['age']);
