Since there is no function to check whether a string is escaped before entering it to the db, how can I do this with regex?
$string = 'some" string';
if(!preg_match('//',$string))
{
$string = mysqli_real_escape_string($string);
}
php manual:
mysqli_real_escape_string backslashes characters encoded NUL (ASCII 0), \n, \r, \, ', ", and Control-Z.