Escaping Column and Table and Names in MySQL (Part 2)

Check out part 1 to learn why you don’t actually need an escaping function.

So you want a function to escape or validate user-input that is going to be inserted into a MySQL query as a column or table name?

Continue Reading

Escaping Column and Table and Names in MySQL (Part 1)

Skip to Part 2 if you just want a drop-in escaping function. Keep reading if you want to know why you don’t need one.

Thanks to widespread adoption of ORMs, it’s rare that I need to construct SQL queries in code. However, there’s at least a couple situations where the need still arises:

Continue Reading