I have many functions like updateUser($id,$username,$email) updateMusic($id, $music) etc… Is there a generic function

Question

Asked: May 24, 20262026-05-24T17:48:54+00:00 2026-05-24T17:48:54+00:00

I have many functions like

updateUser($id,$username,$email)
updateMusic($id, $music)

etc…

Is there a generic function to avoid SQL injections ?

I just want to avoid using mysql_real_escape_string for each parameter I have

$username = mysql_real_escape_string($username);
$email= mysql_real_escape_string($email);
$music= mysql_real_escape_string($music);

You must login to add an answer.

Need An Account,

Editorial Team · Answer 1 · 2026-05-24T17:48:55+00:00

Editorial Team

you may use,

list($id,$music) = array_map('mysql_real_escape_string',array($id,$music))

but prepared statements rocks

The Archive Base Latest Questions