To escape special characters in a PHP string, you can use the backslash \ followed by the character you want to insert. For example \$ for a dollar sign to prevent variable interpolation.

Other examples:

\\ for a backslash
\' for a single quote
\" for a double quote
\n for a new line
\r for a carriage return
\t for a tab

Escaping special characters with `mysqli_real_escape_string()` for a posted value:

$user_last_name = mysqli_real_escape_string($conn, $_POST['user_last_name']);

Using `mysqli_real_escape_string()` (for MySQL queries)

$connection = new mysqli("server", "user", "password", "database");

$string = "O'Reilly's books";
$escaped_string = mysqli_real_escape_string($connection, $string);

$query = "SELECT * FROM books WHERE author = '$escaped_string'";
echo $query;

Alternate table row styles Conditional formatting of table rows Copy text to clipboard Disable spaces in an input field Multi step form with progress indicator Read more or less Remove the leading and trailing space input Toggle visibility with a slide effect Toggle visibility without pushing content Validate checkboxes Validate input fields Validate radio buttons Validate TinyMce editor

Comma after each value, except the last one Display records Display records in a Bootstrap Table Display records in columns Display records with Bootstrap pagination Display records with CSS styles Escape special characters in a string Highlight the search term in results Replace unicode characters by utf-8 Search autocomplete with Typeahead Search records by an option Select rows for the current day and month Short commands

MySQL

Escape special characters

Escaping special characters with mysqli_real_escape_string() for a posted value:

Using mysqli_real_escape_string() (for MySQL queries)

Escaping special characters with `mysqli_real_escape_string()` for a posted value:

Using `mysqli_real_escape_string()` (for MySQL queries)