X-Git-Url: https://git.saurik.com/wxWidgets.git/blobdiff_plain/154b6b0f0eda0007d7ffbbfacff7e57c5861c28b..6e65f80be5dfcc75bd520fc320d3389e4559bccf:/docs/latex/wx/db.tex?ds=inline

diff --git a/docs/latex/wx/db.tex b/docs/latex/wx/db.tex
index 88cd6ca6e3..e7264d3c24 100644
--- a/docs/latex/wx/db.tex
+++ b/docs/latex/wx/db.tex
@@ -707,6 +707,25 @@ Drops the data table view named in 'viewName'.
 
 If the view does not exist, this function will return true.  Note that views are not supported with all datasources.
 
+\membersection{wxDb::EscapeSqlChars}\label{wxdbescapesqlchars}
+
+\func{wxString}{EscapeSqlChars}{\param{const wxString\& }{value}}
+
+This function is used internally by wxWidgets while building SQL statements.
+It has been provided to help users who wish to explicity construct SQL
+statements to be sent to the server.  The function takes the value passed and
+returns it with any special characters escaped.  Which characters are
+considered special depends on what type of datasource the object is connected
+to.  For example, most database servers use a backslash as the escape
+character; if the value passed contains a backlash it will be replaced with a
+double backslash before it is passed to the server.  This function can be used
+to avoid passing statements with syntax errors to the server as well as prevent
+SQL injection attacks.
+
+\wxheading{Parameters}
+
+\docparam{value}{The value to be escaped.}
+
 \membersection{wxDb::ExecSql}\label{wxdbexecsql}
 
 \func{bool}{ExecSql}{\param{const wxString \&}{pSqlStmt}}