escaping strings for SQLite3 in PHP5

Posted 2019-02-25 01:11

Why do both functions fail me? Or is this just an illusion?

<?php
echo sqlite_escape_string('Hello "World" \'\' ...');
echo "\n";
echo SQLite3::escapeString('Hello "World" \'\' ...');
echo "\n";
?>

outputs:

Hello "World" '''' ...
Hello "World" '''' ...

Tags: php sqlite3
1 answer
孤傲高冷的网名
#2 · 2019-02-25 01:52

You should be using PDO to access your database because it has prepared statements which are safer than escaping and also faster.

The PHP Data Objects (PDO) extension defines a lightweight, consistent interface for accessing databases in PHP. Each database driver that implements the PDO interface can expose database-specific features as regular extension functions.

Another big advantage when using PDO is that you can switch between databases (MySQL vs PostgreSQL vs SQLite, for example) easily without changing much of your code.

A quick introduction on how to use PDO can be read over at nettuts. A very good read/introduction if you ask me!
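
The recommendation above as an added example (not part of the original answer): the question's string is stored through a PDO prepared statement and, for comparison, through a hand-built literal using `SQLite3::escapeString`, then read back. The in-memory database, the `messages` table and the extra sample strings are assumptions made for illustration.

```php
<?php
// Added example, not from the original post. Table/column names are hypothetical.
// Requires the pdo_sqlite extension (and sqlite3 for the comparison step).

$pdo = new PDO('sqlite::memory:');                        // throwaway in-memory database
$pdo->setAttribute(PDO::ATTR_ERRMODE, PDO::ERRMODE_EXCEPTION);
$pdo->exec('CREATE TABLE messages (id INTEGER PRIMARY KEY, body TEXT NOT NULL)');

// Constructed sample inputs; the first is the string from the question.
$inputs = [
    'Hello "World" \'\' ...',
    "O'Reilly",
    'plain text',
];

// Prepared statement: parsed once, values are bound as data and never
// become part of the SQL text, so no escaping is needed at all.
$insert = $pdo->prepare('INSERT INTO messages (body) VALUES (:body)');
foreach ($inputs as $value) {
    $insert->execute([':body' => $value]);
}

// For comparison: building the literal by hand. escapeString() doubles each
// single quote, which is how SQL writes a quote inside a '...' literal;
// double quotes need no escaping there.
$escaped = SQLite3::escapeString($inputs[0]);
$pdo->exec("INSERT INTO messages (body) VALUES ('" . $escaped . "')");

// Read back with a bound parameter as well.
$select = $pdo->prepare('SELECT id, body FROM messages WHERE body = :body ORDER BY id');
$select->execute([':body' => $inputs[0]]);
$rows = $select->fetchAll(PDO::FETCH_ASSOC);

foreach ($rows as $row) {
    // Compare each stored value byte-for-byte with the original input:
    // the doubled quotes exist only in the SQL text, not in the stored data.
    printf("#%d %s | identical: %s\n", $row['id'], $row['body'],
        $row['body'] === $inputs[0] ? 'yes' : 'no');
}
```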
