Escape a identifier for insertion into a text field

pg_escape_identifier

(PHP 5 >= 5.4.4, PHP 7, PHP 8)

pg_escape_identifier Escape a identifier for insertion into a text field

說明

pg_escape_identifier(PgSql\Connection $connection = ?, string $data): string

pg_escape_identifier() escapes a identifier (e.g. table, field names) for querying the database. It returns an escaped identifier string for PostgreSQL server. pg_escape_identifier() adds double quotes before and after data. Users should not add double quotes. Use of this function is recommended for identifier parameters in query. For SQL literals (i.e. parameters except bytea), pg_escape_literal() or pg_escape_string() must be used. For bytea type fields, pg_escape_bytea() must be used instead.

注意:

This function has internal escape code and can also be used with PostgreSQL 8.4 or less.

參數

connection

An PgSql\Connection instance. When connection is unspecified, the default connection is used. The default connection is the last connection made by pg_connect() or pg_pconnect().

警告

As of PHP 8.1.0, using the default connection is deprecated.

data

A string containing text to be escaped.

返回值

A string containing the escaped data.

更新日誌

版本 說明
8.1.0 現在 connection 參數接受 PgSql\Connection 實例,之前接受 資源(resource)

範例

示例 #1 pg_escape_identifier() example

<?php 
  
// Connect to the database
  
$dbconn pg_connect('dbname=foo');
  
  
// Escape the table name data
  
$escaped pg_escape_identifier($table_name);
  
  
// Select rows from $table_name
  
pg_query("SELECT * FROM {$escaped};");
?>

參見

發佈留言

發佈留言必須填寫的電子郵件地址不會公開。 必填欄位標示為 *