pg_escape_identifier

Escape a identifier for insertion into a text field

Description

string pg_escape_identifier(PgSql\Connection $connection = ?, string $data)

pg_escape_identifier escapes a identifier (e.g. table, field names) for querying the database. It returns an escaped identifier string for PostgreSQL server. pg_escape_identifier adds double quotes before and after data. Users should not add double quotes. Use of this function is recommended for identifier parameters in query. For SQL literals (i.e. parameters except bytea), pg_escape_literal or pg_escape_string must be used. For bytea type fields, pg_escape_bytea must be used instead.

Note:

This function has internal escape code and can also be used with PostgreSQL 8.4 or less.

Parameters

connection

An PgSql\Connection instance. When connection is unspecified, the default connection is used. The default connection is the last connection made by pg_connect or pg_pconnect.

Warning

As of PHP 8.1.0, using the default connection is deprecated.

data

A string containing text to be escaped.

Return Values

A string containing the escaped data.

Changelog

Version Description
8.1.0 The connection parameter expects an PgSql\Connection instance now; previously, a resource was expected.

Examples

Example #1 pg_escape_identifier example

<?php 
  // Connect to the database
  $dbconn = pg_connect('dbname=foo');
  
  // Escape the table name data
  $escaped = pg_escape_identifier($table_name);
  
  // Select rows from $table_name
  pg_query("SELECT * FROM {$escaped};");
?>

See Also

  • pg_escape_literal
  • pg_escape_bytea
  • pg_escape_string