-
Notifications
You must be signed in to change notification settings - Fork 788
/
Copy pathpg-escape-string.xml
138 lines (128 loc) · 3.52 KB
/
pg-escape-string.xml
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
<?xml version="1.0" encoding="utf-8"?>
<!-- $Revision$ -->
<!-- splitted from ./en/functions/pgsql.xml, last change in rev 1.61 -->
<refentry xml:id='function.pg-escape-string' xmlns="http://docbook.org/ns/docbook">
<refnamediv>
<refname>pg_escape_string</refname>
<refpurpose>
Escape a string for query
</refpurpose>
</refnamediv>
<refsect1 role="description">
&reftitle.description;
<methodsynopsis>
<type>string</type><methodname>pg_escape_string</methodname>
<methodparam choice="opt"><type>PgSql\Connection</type><parameter>connection</parameter></methodparam>
<methodparam><type>string</type><parameter>data</parameter></methodparam>
</methodsynopsis>
<para>
<function>pg_escape_string</function> escapes a string for querying
the database. It returns an escaped string in the PostgreSQL
format without quotes. <function>pg_escape_literal</function> is
more preferred way to escape SQL parameters for PostgreSQL.
<function>addslashes</function> must not be used with PostgreSQL.
If the type of the column is
bytea, <function>pg_escape_bytea</function> must be used
instead. <function>pg_escape_identifier</function> must be used to
escape identifiers (e.g. table names, field names)
</para>
<note>
<para>
This function requires PostgreSQL 7.2 or later.
</para>
</note>
</refsect1>
<refsect1 role="parameters">
&reftitle.parameters;
<para>
<variablelist>
<varlistentry>
<term><parameter>connection</parameter></term>
<listitem>
&pgsql.parameter.connection-with-unspecified-default;
</listitem>
</varlistentry>
<varlistentry>
<term><parameter>data</parameter></term>
<listitem>
<para>
A <type>string</type> containing text to be escaped.
</para>
</listitem>
</varlistentry>
</variablelist>
</para>
</refsect1>
<refsect1 role="returnvalues">
&reftitle.returnvalues;
<para>
A <type>string</type> containing the escaped data.
</para>
</refsect1>
<refsect1 role="changelog">
&reftitle.changelog;
<informaltable>
<tgroup cols="2">
<thead>
<row>
<entry>&Version;</entry>
<entry>&Description;</entry>
</row>
</thead>
<tbody>
&pgsql.changelog.connection-object;
</tbody>
</tgroup>
</informaltable>
</refsect1>
<refsect1 role="examples">
&reftitle.examples;
<para>
<example>
<title><function>pg_escape_string</function> example</title>
<programlisting role="php">
<![CDATA[
<?php
// Connect to the database
$dbconn = pg_connect('dbname=foo');
// Read in a text file (containing apostrophes and backslashes)
$data = file_get_contents('letter.txt');
// Escape the text data
$escaped = pg_escape_string($data);
// Insert it into the database
pg_query("INSERT INTO correspondence (name, data) VALUES ('My letter', '{$escaped}')");
?>
]]>
</programlisting>
</example>
</para>
</refsect1>
<refsect1 role="seealso">
&reftitle.seealso;
<para>
<simplelist>
<member><function>pg_escape_bytea</function></member>
</simplelist>
</para>
</refsect1>
</refentry>
<!-- Keep this comment at the end of the file
Local variables:
mode: sgml
sgml-omittag:t
sgml-shorttag:t
sgml-minimize-attributes:nil
sgml-always-quote-attributes:t
sgml-indent-step:1
sgml-indent-data:t
indent-tabs-mode:nil
sgml-parent-document:nil
sgml-default-dtd-file:"~/.phpdoc/manual.ced"
sgml-exposed-tags:nil
sgml-local-catalogs:nil
sgml-local-ecat-files:nil
End:
vim600: syn=xml fen fdm=syntax fdl=2 si
vim: et tw=78 syn=sgml
vi: ts=1 sw=1
-->