<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd"> <html> <head> <meta http-equiv="content-type" content="text/html; charset=UTF-8"> <title>Escape a literal for insertion into a text field</title> </head> <body><div class="manualnavbar" style="text-align: center;"> <div class="prev" style="text-align: left; float: left;"><a href="function.pg-escape-identifier.html">pg_escape_identifier</a></div> <div class="next" style="text-align: right; float: right;"><a href="function.pg-escape-string.html">pg_escape_string</a></div> <div class="up"><a href="ref.pgsql.html">PostgreSQL Functions</a></div> <div class="home"><a href="index.html">PHP Manual</a></div> </div><hr /><div id="function.pg-escape-literal" class="refentry"> <div class="refnamediv"> <h1 class="refname">pg_escape_literal</h1> <p class="verinfo">(PHP 5 >= 5.4.4)</p><p class="refpurpose"><span class="refname">pg_escape_literal</span> — <span class="dc-title"> Escape a literal for insertion into a text field </span></p> </div> <div class="refsect1 description" id="refsect1-function.pg-escape-literal-description"> <h3 class="title">Description</h3> <div class="methodsynopsis dc-description"> <span class="type">string</span> <span class="methodname"><strong>pg_escape_literal</strong></span> ([ <span class="methodparam"><span class="type">resource</span> <code class="parameter">$connection</code></span> ], <span class="methodparam"><span class="type">string</span> <code class="parameter">$data</code></span> )</div> <p class="para rdfs-comment"> <span class="function"><strong>pg_escape_literal()</strong></span> escapes a literal for querying the PostgreSQL database. It returns an escaped literal in the PostgreSQL format. <span class="function"><strong>pg_escape_literal()</strong></span> adds quotes before and after data. Users should not add quotes. Use of this function is recommended instead of <span class="function"><a href="function.pg-escape-string.html" class="function">pg_escape_string()</a></span>. If the type of the column is bytea, <span class="function"><a href="function.pg-escape-bytea.html" class="function">pg_escape_bytea()</a></span> must be used instead. For escaping identifiers (e.g. table, field names), <span class="function"><a href="function.pg-escape-identifier.html" class="function">pg_escape_identifier()</a></span> must be used. </p> <blockquote class="note"><p><strong class="note">Note</strong>: <p class="para"> This function has internal escape code and can also be used with PostgreSQL 8.4 or less. </p> </p></blockquote> </div> <div class="refsect1 parameters" id="refsect1-function.pg-escape-literal-parameters"> <h3 class="title">Parameters</h3> <p class="para"> <dl> <dt> <span class="term"><em><code class="parameter">connection</code></em></span> <dd> <p class="para"> PostgreSQL database connection resource. When <em><code class="parameter">connection</code></em> is not present, the default connection is used. The default connection is the last connection made by <span class="function"><a href="function.pg-connect.html" class="function">pg_connect()</a></span> or <span class="function"><a href="function.pg-pconnect.html" class="function">pg_pconnect()</a></span>. </p> </dd> </dt> <dt> <span class="term"><em><code class="parameter">data</code></em></span> <dd> <p class="para"> A <span class="type"><a href="language.types.string.html" class="type string">string</a></span> containing text to be escaped. </p> </dd> </dt> </dl> </p> </div> <div class="refsect1 returnvalues" id="refsect1-function.pg-escape-literal-returnvalues"> <h3 class="title">Return Values</h3> <p class="para"> A <span class="type"><a href="language.types.string.html" class="type string">string</a></span> containing the escaped data. </p> </div> <div class="refsect1 examples" id="refsect1-function.pg-escape-literal-examples"> <h3 class="title">Examples</h3> <p class="para"> <div class="example" id="example-2061"> <p><strong>Example #1 <span class="function"><strong>pg_escape_literal()</strong></span> example</strong></p> <div class="example-contents"> <div class="phpcode"><code><span style="color: #000000"> <span style="color: #0000BB"><?php <br /> </span><span style="color: #FF8000">// Connect to the database<br /> </span><span style="color: #0000BB">$dbconn </span><span style="color: #007700">= </span><span style="color: #0000BB">pg_connect</span><span style="color: #007700">(</span><span style="color: #DD0000">'dbname=foo'</span><span style="color: #007700">);<br /> <br /> </span><span style="color: #FF8000">// Read in a text file (containing apostrophes and backslashes)<br /> </span><span style="color: #0000BB">$data </span><span style="color: #007700">= </span><span style="color: #0000BB">file_get_contents</span><span style="color: #007700">(</span><span style="color: #DD0000">'letter.txt'</span><span style="color: #007700">);<br /> <br /> </span><span style="color: #FF8000">// Escape the text data<br /> </span><span style="color: #0000BB">$escaped </span><span style="color: #007700">= </span><span style="color: #0000BB">pg_escape_literal</span><span style="color: #007700">(</span><span style="color: #0000BB">$data</span><span style="color: #007700">);<br /> <br /> </span><span style="color: #FF8000">// Insert it into the database. Note that no quotes around {$escaped}<br /> </span><span style="color: #0000BB">pg_query</span><span style="color: #007700">(</span><span style="color: #DD0000">"INSERT INTO correspondence (name, data) VALUES ('My letter', </span><span style="color: #007700">{</span><span style="color: #0000BB">$escaped</span><span style="color: #007700">}</span><span style="color: #DD0000">)"</span><span style="color: #007700">);<br /></span><span style="color: #0000BB">?></span> </span> </code></div> </div> </div> </p> </div> <div class="refsect1 seealso" id="refsect1-function.pg-escape-literal-seealso"> <h3 class="title">See Also</h3> <p class="para"> <ul class="simplelist"> <li class="member"> <span class="function"><a href="function.pg-escape-identifier.html" class="function" rel="rdfs-seeAlso">pg_escape_identifier()</a> - Escape a identifier for insertion into a text field</span></li> <li class="member"> <span class="function"><a href="function.pg-escape-bytea.html" class="function" rel="rdfs-seeAlso">pg_escape_bytea()</a> - Escape a string for insertion into a bytea field</span></li> <li class="member"> <span class="function"><a href="function.pg-escape-string.html" class="function" rel="rdfs-seeAlso">pg_escape_string()</a> - Escape a string for query</span></li> </ul> </p> </div> </div><hr /><div class="manualnavbar" style="text-align: center;"> <div class="prev" style="text-align: left; float: left;"><a href="function.pg-escape-identifier.html">pg_escape_identifier</a></div> <div class="next" style="text-align: right; float: right;"><a href="function.pg-escape-string.html">pg_escape_string</a></div> <div class="up"><a href="ref.pgsql.html">PostgreSQL Functions</a></div> <div class="home"><a href="index.html">PHP Manual</a></div> </div></body></html>