(PHP 5 >= 5.4.4)
pg_escape_identifier — Escape a identifier for insertion into a text field
说明
string pg_escape_identifier ([ resource$connection
], string $data
)
pg_escape_identifier() escapes a identifier (e.g. table, field names) for quering the database. It returns an escaped identifier string for PostgreSQL server. pg_escape_identifier() adds double quotes before and after data. Users should not add double quotes. Use of this function is recommended for identifier parameters in query. For SQL literals (i.e. parameters except bytea), pg_escape_literal() or pg_escape_string() muse be used. For bytea type fields, pg_escape_bytea() must be used instead.
Note:
This function has internal escape code and can also be used with PostgreSQL 8.4 or less.
参数
connection
PostgreSQL database connection resource. When
connection
is not present, the default connection
is used. The default connection is the last connection made by
pg_connect() or pg_pconnect().
data
A string containing text to be escaped.
返回值
A string containing the escaped data.
范例
Example #1 pg_escape_identifier() example
<?php
// Connect to the database
$dbconn = pg_connect('dbname=foo');
// Escape the table name data
$escaped = pg_escape_identifier($table_name);
// Select rows from $table_name
pg_query("SELECT * FROM {$escaped};");
?>
参见
pg_escape_literal() - Escape a literal for insertion into a text field pg_escape_bytea() - 转义 bytea 类型的二进制数据 pg_escape_string() - 转义 text/char 类型的字符串