pg_escape_identifier

(PHP 5 >= 5.4.4, PHP 7)

pg_escape_identifier — Escape a identifier for insertion into a text field

说锟斤拷

pg_escape_identifier ([ resource $connection ], string $data ) : string

pg_escape_identifier() escapes a identifier (e.g. table, field names) for quering the database. It returns an escaped identifier string for PostgreSQL server. pg_escape_identifier() adds double quotes before and after data. Users should not add double quotes. Use of this function is recommended for identifier parameters in query. For SQL literals (i.e. parameters except bytea), pg_escape_literal() or pg_escape_string() must be used. For bytea type fields, pg_escape_bytea() must be used instead.

Note:
This function has internal escape code and can also be used with PostgreSQL 8.4 or less.

锟斤拷锟斤拷

connection: PostgreSQL database connection resource. When connection is not present, the default connection is used. The default connection is the last connection made by pg_connect() or pg_pconnect().
data: A string containing text to be escaped.

锟斤拷锟斤拷值

A string containing the escaped data.

锟斤拷锟斤拷

Example #1 pg_escape_identifier() example


<?php 
  // Connect to the database
  $dbconn = pg_connect('dbname=foo');
  
  // Escape the table name data
  $escaped = pg_escape_identifier($table_name);
  
  // Select rows from $table_name
  pg_query("SELECT * FROM {$escaped};");
?>

锟轿硷拷

pg_escape_literal() - Escape a literal for insertion into a text field
pg_escape_bytea() - 转锟斤拷 bytea 锟斤拷锟酵的讹拷锟斤拷锟斤拷锟斤拷锟斤拷
pg_escape_string() - 转锟斤拷 text/char 锟斤拷锟酵碉拷锟街凤拷锟斤拷