pg_escape_identifier

(PHP 5 >= 5.4.4, PHP 7, PHP 8)

pg_escape_identifier — Escape an identifier for insertion into a text field

说明

pg_escape_identifier(PgSql\Connection $connection = ?, string $string): string|false

pg_escape_identifier() escapes an identifier (e.g. table, field names) for querying the database. It returns an escaped identifier string for PostgreSQL server. pg_escape_identifier() adds double quotes before and after data. Users should not add double quotes. Use of this function is recommended for identifier parameters in query. For SQL literals (i.e. parameters except bytea), pg_escape_literal() or pg_escape_string() must be used. For bytea type fields, pg_escape_bytea() must be used instead.

参数

connection

An PgSql\Connection instance. When connection is unspecified, the default connection is used. The default connection is the last connection made by pg_connect() or pg_pconnect().

警告

As of PHP 8.1.0, using the default connection is deprecated.

string

A string containing text to be escaped.

返回值

A string containing the escaped data, or false on failure.

更新日志

版本	说明
8.1.0	现在 `connection` 参数接受 PgSql\Connection 实例，之前接受 resource。

示例

示例 #1 pg_escape_identifier() example

<?php 
  // Connect to the database
  $dbconn = pg_connect('dbname=foo');
  
  // Escape the table name data
  $escaped = pg_escape_identifier($table_name);
  
  // Select rows from $table_name
  pg_query("SELECT * FROM {$escaped};");
?>

参见

pg_escape_literal() - Escape a literal for insertion into a text field
pg_escape_bytea() - 转义字符串以插入到 bytea 字段
pg_escape_string() - 转义字符串以供查询