pg_escape_identifier
(PHP 5 >= 5.4.4, PHP 7)
pg_escape_identifier — Escape a identifier for insertion into a text field
Description
pg_escape_identifier ([ resource $connection ], string $data ) : string
pg_escape_identifier() escapes a identifier (e.g. table, field names) for querying the database. It returns an escaped identifier string for PostgreSQL server. pg_escape_identifier() adds double quotes before and after data. Users should not add double quotes. Use of this function is recommended for identifier parameters in query. For SQL literals (i.e. parameters except bytea), pg_escape_literal() or pg_escape_string() must be used. For bytea type fields, pg_escape_bytea() must be used instead.
Note:
This function has internal escape code and can also be used with PostgreSQL 8.4 or less.
Parameters
-
connection
-
PostgreSQL database connection resource. When
connection
is not present, the default connection is used. The default connection is the last connection made by pg_connect() or pg_pconnect(). -
data
-
A string containing text to be escaped.
Return Values
A string containing the escaped data.
Examples
Example #1 pg_escape_identifier() example
<?php // Connect to the database $dbconn = pg_connect('dbname=foo'); // Escape the table name data $escaped = pg_escape_identifier($table_name); // Select rows from $table_name pg_query("SELECT * FROM {$escaped};"); ?>
See Also
- pg_escape_literal() - Escape a literal for insertion into a text field
- pg_escape_bytea() - Escape a string for insertion into a bytea field
- pg_escape_string() - Escape a string for query
© 1997–2020 The PHP Documentation Group
Licensed under the Creative Commons Attribution License v3.0 or later.
https://www.php.net/manual/en/function.pg-escape-identifier.php