1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
|
<?xml version="1.0" encoding="utf-8"?>
<refentry xml:id="pdo-pgsql.escapeidentifier" xmlns="http://docbook.org/ns/docbook">
<refnamediv>
<refname>Pdo\Pgsql::escapeIdentifier</refname>
<refpurpose>Escapes a string for use as an SQL identifier</refpurpose>
</refnamediv>
<refsect1 role="description">
&reftitle.description;
<methodsynopsis role="Pdo\\Pgsql">
<modifier>public</modifier> <type>string</type><methodname>Pdo\Pgsql::escapeIdentifier</methodname>
<methodparam><type>string</type><parameter>input</parameter></methodparam>
</methodsynopsis>
<simpara>
Escapes a string for use as an SQL identifier, such as a table, column, or function name.
This is useful when a user-supplied identifier might contain special characters
that would otherwise not be interpreted as part of the identifier by the SQL parser,
or when the identifier might contain upper case characters whose case should be preserved.
</simpara>
</refsect1>
<refsect1 role="parameters">
&reftitle.parameters;
<variablelist>
<varlistentry>
<term><parameter>input</parameter></term>
<listitem>
<simpara>
A <type>string</type> containing text to be escaped.
</simpara>
</listitem>
</varlistentry>
</variablelist>
</refsect1>
<refsect1 role="returnvalues">
&reftitle.returnvalues;
<simpara>
A <type>string</type> containing the escaped data.
</simpara>
</refsect1>
<refsect1 role="examples">
&reftitle.examples;
<example xml:id="pdo-pgsql.escapeidentifier.example.basic">
<title><methodname>Pdo\Pgsql::escapeIdentifier</methodname> example</title>
<programlisting role="php">
<![CDATA[
<?php
$pdo = new Pdo\Pgsql('pgsql:dbname=test host=localhost', $user, $pass);
$unescapedTableName = 'UnescapedTableName';
$pdo->exec("CREATE TABLE $unescapedTableName ()");
$escapedTableName = $pdo->escapeIdentifier('EscapedTableName');
$pdo->exec("CREATE TABLE $escapedTableName ()");
$statement = $pdo->query(
"SELECT relname FROM pg_stat_user_tables WHERE relname ilike '%tablename'"
);
var_export($statement->fetchAll(PDO::FETCH_COLUMN, 0));
$tableNameWithSymbols = 'Table-Name-With-Symbols';
$pdo->exec("CREATE TABLE $tableNameWithSymbols ()");
?>
]]>
</programlisting>
&example.outputs.similar;
<screen>
<![CDATA[
array (
0 => 'unescapedtablename',
1 => 'EscapedTableName',
)
Fatal error: Uncaught PDOException: SQLSTATE[42601]: Syntax error: 7 ERROR: syntax error at or near "Table"
LINE 1: CREATE TABLE Table-Name-With-Symbols ()
]]>
</screen>
</example>
</refsect1>
<refsect1 role="seealso">
&reftitle.seealso;
<simplelist>
<member><methodname>PDO::quote</methodname></member>
</simplelist>
</refsect1>
</refentry>
<!-- Keep this comment at the end of the file
Local variables:
mode: sgml
sgml-omittag:t
sgml-shorttag:t
sgml-minimize-attributes:nil
sgml-always-quote-attributes:t
sgml-indent-step:1
sgml-indent-data:t
indent-tabs-mode:nil
sgml-parent-document:nil
sgml-default-dtd-file:"~/.phpdoc/manual.ced"
sgml-exposed-tags:nil
sgml-local-catalogs:nil
sgml-local-ecat-files:nil
End:
vim600: syn=xml fen fdm=syntax fdl=2 si
vim: et tw=78 syn=sgml
vi: ts=1 sw=1
-->
|
