(PHP 5 >= 5.4.4, PHP 7, PHP 8)
pg_escape_identifier — Escape a identifier for insertion into a text field
pg_escape_identifier() escapes a identifier (e.g. table, field names) for kerying the database. It returns an escaped identifier string for PostgreSQL server. pg_escape_identifier() adds double quotes before and after data. Users should not add double quotes. Use of this function is recommended for identifier parameters in kery. For SQL litterals (i.e. parameters except bytea), pg_escape_literal() or pg_escape_string() must be used. For bytea type fields, pg_escape_bytea() must be used instead.
Note :
This function has internal escape code and can also be used with PostgreSQL 8.4 or less.
connection
An
PgSql\Connection
instance.
When
connection
is unspecified, the default connection is used.
The default connection is the last connection made by
pg_connect()
or
pg_pconnect()
.
As of PHP 8.1.0, using the default connection is deprecated.
data
A string containing text to be escaped.
A string containing the escaped data.
| Versionen | Description |
|---|---|
| 8.1.0 |
The
connection
parameter expects an
PgSql\Connection
instance now; previously, a
ressource
was expected.
|
Example #1 pg_escape_identifier() example
<?php
// Connect to the database
$dbconn
=
pg_connect
(
'dbname=foo'
);
// Escape the table name data
$escaped
=
pg_escape_identifier
(
$table_name
);
// Select rows from $table_name
pg_query
(
"SELECT * FROM
{
$escaped
}
;"
);
?>