PHP Conference Nagoya 2025

    Pdo\Pgsql::escapeIdentifier

    (PHP 8 >= 8.4.0)

    Pdo\Pgsql::escapeIdentifierEscapes a string for use as an SQL identifier

    Beschreibung

    public Pdo\Pgsql::escapeIdentifier(string $input): string

    Escapes a string for use as an SQL identifier, such as a table, column, or function name. This is useful when a user-supplied identifier might contain special characters that would otherwise not be interpreted as part of the identifier by the SQL parser, or when the identifier might contain upper case characters whose case should be preserved.

    Parameter-Liste

    input
    A string containing text to be escaped.

    Rückgabewerte

    A string containing the escaped data.

    Beispiele

    Beispiel #1 Pdo\Pgsql::escapeIdentifier() example

    <?php
    $pdo     = new Pdo\Pgsql('pgsql:dbname=test host=localhost', $user, $pass);

    $unescapedTableName = 'UnescapedTableName';
    $pdo->exec("CREATE TABLE $unescapedTableName ()");

    $escapedTableName = $pdo->escapeIdentifier('EscapedTableName');
    $pdo->exec("CREATE TABLE $escapedTableName ()");

    $statement = $pdo->query(
    "SELECT relname FROM pg_stat_user_tables WHERE relname ilike '%tablename'"
    );

    var_export($statement->fetchAll(PDO::FETCH_COLUMN, 0));

    $tableNameWithSymbols = 'Table-Name-With-Symbols';
    $pdo->exec("CREATE TABLE $tableNameWithSymbols ()");
    ?>

    Das oben gezeigte Beispiel erzeugt eine ähnliche Ausgabe wie:

    array (
  0 => 'unescapedtablename',
  1 => 'EscapedTableName',
)
Fatal error: Uncaught PDOException: SQLSTATE[42601]: Syntax error: 7 ERROR:  syntax error at or near "Table"
LINE 1: CREATE TABLE Table-Name-With-Symbols ()

    Siehe auch

    • PDO::quote() - Setzt eine Zeichenkette für die Verwendung in einer Abfrage in Anführungszeichen

    Found A Problem?

    Learn How To Improve This PageSubmit a Pull RequestReport a Bug
    add a note

    User Contributed Notes

    There are no user contributed notes for this page.
    To Top