SQL escapen
$sql = mysql_real_escape_string (mysqli $handler, string $escapestr) $sql = mysqli_real_escape_string (mysqli $handler, string $escapestr)
$sql = mysql_real_escape_string (mysqli $handler, string $escapestr) $sql = mysqli_real_escape_string (mysqli $handler, string $escapestr)