Which of these methods is best to handle a PHP input in order to avoid SQL Injection?


    None of the ones you listed have that purpose. For a starting point you can refer to the link that colleague @hkotsubo posted and use the site search and related links, but in short, in MySQL you have mysqli_real_escape_string and PDO has quote. In both, a prepare with bind also solves it (but beware of PDO, in PDO this is not native), but that is a mere side effect. The prepare serves to reuse the query (again, in PDO this is not always effective; remember, PDO is just a compatibility layer), not to exhaust.

No answers
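The options named in the comment above, side by side, as an added example (not code from the question or the comment): string concatenation, PDO::quote(), and prepare with a bound value. The in-memory SQLite database, the `users` table, the function names and the input string are all constructed for illustration.

```php
<?php
// Added example: in-memory SQLite stands in for the real database (assumption).
// With the MySQL driver, PDO emulates prepares client-side by default; pass
// PDO::ATTR_EMULATE_PREPARES => false to have the server prepare the statement.
$pdo = new PDO('sqlite::memory:', null, null, [
    PDO::ATTR_ERRMODE => PDO::ERRMODE_EXCEPTION,
]);
$pdo->exec('CREATE TABLE users (id INTEGER PRIMARY KEY, name TEXT, email TEXT)');
$pdo->exec("INSERT INTO users (name, email) VALUES
    ('alice', 'alice@example.test'), ('bob', 'bob@example.test')");

// Constructed input: a value that contains SQL metacharacters.
$input = "alice' OR '1'='1";

// 1. Concatenation: the quote inside the value closes the string literal,
//    so the remainder of the value is parsed as part of the WHERE clause.
function findConcatenated(PDO $pdo, string $name): array {
    $sql = "SELECT name FROM users WHERE name = '" . $name . "'";
    return $pdo->query($sql)->fetchAll(PDO::FETCH_COLUMN);
}

// 2. PDO::quote(): the driver escapes the value and wraps it in quotes,
//    so the whole input stays one string literal inside the SQL text.
function findQuoted(PDO $pdo, string $name): array {
    $sql = 'SELECT name FROM users WHERE name = ' . $pdo->quote($name);
    return $pdo->query($sql)->fetchAll(PDO::FETCH_COLUMN);
}

// 3. prepare + bind: the SQL text is fixed before the value is supplied,
//    and the value is passed separately as a parameter.
function findPrepared(PDO $pdo, string $name): array {
    $stmt = $pdo->prepare('SELECT name FROM users WHERE name = :name');
    $stmt->bindValue(':name', $name, PDO::PARAM_STR);
    $stmt->execute();
    return $stmt->fetchAll(PDO::FETCH_COLUMN);
}

// Compare row counts for the constructed input and for a plain name.
foreach (['findConcatenated', 'findQuoted', 'findPrepared'] as $fn) {
    printf("%-17s constructed input: %d row(s), plain input: %d row(s)\n",
        $fn, count($fn($pdo, $input)), count($fn($pdo, 'alice')));
}
```

Only the concatenated query returns rows that do not match the supplied name; the quoted and prepared forms compare the whole input against the `name` column as data.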
