pg_escape_string

(PHP 4 >= 4.2.0, PHP 5, PHP 7)

pg_escape_string Escape a string for query

Descrierea

pg_escape_string ([ resource $connection ], string $data ) : string

pg_escape_string() escapes a string for querying the database. It returns an escaped string in the PostgreSQL format without quotes. pg_escape_literal() is more preferred way to escape SQL parameters for PostgreSQL. addslashes() must not be used with PostgreSQL. If the type of the column is bytea, pg_escape_bytea() must be used instead. pg_escape_identifier() must be used to escape identifiers (e.g. table names, field names)

Notă:

This function requires PostgreSQL 7.2 or later.

Parametri

connection

PostgreSQL database connection resource. When connection is not present, the default connection is used. The default connection is the last connection made by pg_connect() or pg_pconnect().

data

A string containing text to be escaped.

Valorile întoarse

A string containing the escaped data.

Istoricul schimbărilor

Versiune Descriere
5.2.0 connection added

Exemple

Example #1 pg_escape_string() example

<?php 
  
// Connect to the database
  
$dbconn pg_connect('dbname=foo');
  
  
// Read in a text file (containing apostrophes and backslashes)
  
$data file_get_contents('letter.txt');
  
  
// Escape the text data
  
$escaped pg_escape_string($data);
  
  
// Insert it into the database
  
pg_query("INSERT INTO correspondence (name, data) VALUES ('My letter', '{$escaped}')");
?>

A se vedea și