About SQL Escape / UnEscape
SQL Escaping:
SQL escaping, also known as SQL parameterization or SQL sanitization, involves properly formatting and escaping special characters in SQL queries. Special characters, such as single quotes ('), double quotes ("), backslashes (\), and semicolons (;), can cause SQL syntax errors or be exploited for SQL injection attacks if not handled correctly.
To prevent these issues, SQL escape tools convert special characters into their escaped forms, following the SQL syntax rules. For example, a single quote (') is often escaped as two single quotes (''), and a backslash (\) is escaped as a double backslash (\\).
SQL Un-Escaping:
SQL unescaping, also known as SQL desanitization, is the reverse process of SQL escaping. It involves converting escaped characters back to their original form.
This is usually done when retrieving data from the database and presenting it to users.
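The two escaping rules above and their reversal, as an added example that is not this tool's own code. It assumes Python's built-in sqlite3 module and a constructed sample string; the function names are hypothetical. It also shows that the backslash rule depends on the SQL dialect, and what a bound parameter stores for the same input.

```python
import sqlite3

def sql_escape(text, backslash_escapes=False):
    """Escape text for placement inside a single-quoted SQL string literal.

    backslash_escapes=True also doubles backslashes, for dialects that treat
    a backslash as an escape character inside literals (MySQL's default mode).
    """
    if backslash_escapes:
        text = text.replace("\\", "\\\\")
    return text.replace("'", "''")

def sql_unescape(text, backslash_escapes=False):
    """Reverse sql_escape(); must use the same dialect setting."""
    text = text.replace("''", "'")
    if backslash_escapes:
        text = text.replace("\\\\", "\\")
    return text

def _new_db():
    # Hypothetical one-column table in a throwaway in-memory database.
    db = sqlite3.connect(":memory:")
    db.execute("CREATE TABLE notes (body TEXT)")
    return db

def stored_via_literal(value, backslash_escapes=False):
    """Insert value as an escaped literal into SQLite; return what was stored."""
    db = _new_db()
    db.execute("INSERT INTO notes (body) VALUES ('%s')"
               % sql_escape(value, backslash_escapes))
    return db.execute("SELECT body FROM notes").fetchone()[0]

def stored_via_parameter(value):
    """Insert value through a bound parameter; no escaping step is involved."""
    db = _new_db()
    db.execute("INSERT INTO notes (body) VALUES (?)", (value,))
    return db.execute("SELECT body FROM notes").fetchone()[0]

if __name__ == "__main__":
    sample = "O'Reilly; C:\\temp"            # constructed sample input
    print(sql_escape(sample))                 # quote doubled only
    print(sql_escape(sample, True))           # quote and backslash doubled
    print(stored_via_literal(sample))         # same as the input
    print(stored_via_literal(sample, True))   # SQLite keeps both backslashes
    print(stored_via_parameter(sample))       # same as the input
```

SQLite follows the standard quote-doubling rule and does not treat a backslash as an escape character, so applying the backslash rule there changes the stored data.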
How to Escape?
- Paste your normal text into the textbox above.
- Click the Escape button below the textbox.
- Your code will be escaped, and you can copy the escaped code from the result textbox.
- Now you can safely insert this text in your database.
- Click the Reset button or reload the page to reset the form and escape again.
How to Un-Escape?
- Paste your escaped text into the textbox above.
- Click the Un Escape button below the textbox.
- Your code will be converted back to its original form, and you can copy the decoded text from the result textbox.
- Click the Reset button or reload the page to reset the form and un-escape again.