string
CDatabase::ForSql(
    string value,
    int max_length=0
)
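The ForSql method prepares a string for insertion into an SQL query by escaping quotes and other special characters, and optionally truncates it to a specified maximum length. The returned value is meant to be placed inside a quoted string literal, as in the example below.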
Parameters
| Parameter | Description |
|---|---|
| value | Source string to be processed. |
| max_length | Maximum length of the resulting string. Optional; by default (0) the string is not truncated. |
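<?php
// Every value concatenated into the query is escaped with ForSql()
// and placed inside a quoted string literal.
$strSql = "
    SELECT
        ID
    FROM
        b_stat_phrase_list
    WHERE
        PHRASE='".$DB->ForSql($search_phrase)."'
        and SESSION_ID='".$DB->ForSql($_SESSION["SESS_SESSION_ID"])."'
    ";
$w = $DB->Query($strSql, false, $err_mess.__LINE__);
?>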
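
The following is an added example, not code from the original page or from Bitrix: it uses the max_length parameter and contrasts a quoted string context with a numeric one, where escaping alone gives no protection. DemoDatabase, buildPhraseQuery, PHRASE_MAX_LEN and the 255-character limit are assumptions; DemoDatabase is a stand-in for the real $DB object so the snippet runs without the framework, and SESSION_ID is assumed to be an integer column.

```php
<?php
// Added example. DemoDatabase is a hypothetical stand-in for the framework's
// $DB object; its escaping routine is constructed for this demo only.
class DemoDatabase
{
    // Assumed behaviour, modelled on the description above: truncate to
    // $max_length (0 = no limit), then escape for a quoted SQL string literal.
    public function ForSql($value, $max_length = 0)
    {
        $value = (string)$value;
        if ($max_length > 0) {
            $value = substr($value, 0, $max_length);
        }
        // Single-pass replacement, so added backslashes are not escaped again.
        return strtr($value, ["\\" => "\\\\", "'" => "\\'", '"' => '\\"']);
    }
}

const PHRASE_MAX_LEN = 255; // assumed width of the PHRASE column

function buildPhraseQuery($DB, $phrase, $sessionId)
{
    // String context: the escaped value always goes inside single quotes.
    $phraseSql = $DB->ForSql($phrase, PHRASE_MAX_LEN);
    // Numeric context: there are no quotes to break out of, so escaping
    // does not constrain the value. Cast to an integer instead.
    $sessionSql = (int)$sessionId;

    return "SELECT ID FROM b_stat_phrase_list"
         . " WHERE PHRASE='" . $phraseSql . "'"
         . " AND SESSION_ID=" . $sessionSql;
}

$DB = new DemoDatabase();

// Constructed sample inputs: a quote, an over-long phrase, a backslash,
// and a session value that is not purely numeric.
$samples = [
    ["O'Reilly books", "42"],
    [str_repeat("a", 300), "42"],
    ["back\\slash", "42abc"],
];

foreach ($samples as [$phrase, $sid]) {
    echo buildPhraseQuery($DB, $phrase, $sid), "\n";
}
```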