Escape a identifier for insertion into a text field


(PHP 5 >= 5.4.4)

pg_escape_identifier Escape a identifier for insertion into a text field

Описание

string pg_escape_identifier ([ resource $connection ], string $data )

pg_escape_identifier() escapes a identifier (e.g. table, field names) for quering the database. It returns an escaped identifier string for PostgreSQL server. pg_escape_identifier() adds double quotes before and after data. Users should not add double quotes. Use of this function is recommended for identifier parameters in query. For SQL literals (i.e. parameters except bytea), pg_escape_literal() or pg_escape_string() muse be used. For bytea type fields, pg_escape_bytea() must be used instead.

Замечание:

This function has internal escape code and can also be used with PostgreSQL 8.4 or less.

Список параметров

connection

PostgreSQL database connection resource. When connection is not present, the default connection is used. The default connection is the last connection made by pg_connect() or pg_pconnect().

data

A string containing text to be escaped.

Возвращаемые значения

A string containing the escaped data.

Примеры

Пример #1 pg_escape_identifier() example

<?php 
  
// Connect to the database
  
$dbconn pg_connect('dbname=foo');
  
  
// Escape the table name data
  
$escaped pg_escape_identifier($table_name);
  
  
// Select rows from $table_name
  
pg_query("SELECT * FROM {$escaped};");
?>

Смотрите также

  • pg_escape_literal() - Escape a literal for insertion into a text field
  • pg_escape_bytea() - Экранирует спецсимволы в строке для вставки в поле типа bytea
  • pg_escape_string() - Экранирование спецсимволов в строке запроса