<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd"> <html> <head> <meta http-equiv="content-type" content="text/html; charset=UTF-8"> <title>Execute a query</title> </head> <body><div class="manualnavbar" style="text-align: center;"> <div class="prev" style="text-align: left; float: left;"><a href="function.pg-query-params.html">pg_query_params</a></div> <div class="next" style="text-align: right; float: right;"><a href="function.pg-result-error-field.html">pg_result_error_field</a></div> <div class="up"><a href="ref.pgsql.html">PostgreSQL Functions</a></div> <div class="home"><a href="index.html">PHP Manual</a></div> </div><hr /><div id="function.pg-query" class="refentry"> <div class="refnamediv"> <h1 class="refname">pg_query</h1> <p class="verinfo">(PHP 4 >= 4.2.0, PHP 5)</p><p class="refpurpose"><span class="refname">pg_query</span> — <span class="dc-title">Execute a query</span></p> </div> <div class="refsect1 description" id="refsect1-function.pg-query-description"> <h3 class="title">Description</h3> <div class="methodsynopsis dc-description"> <span class="type">resource</span> <span class="methodname"><strong>pg_query</strong></span> ([ <span class="methodparam"><span class="type">resource</span> <code class="parameter">$connection</code></span> ], <span class="methodparam"><span class="type">string</span> <code class="parameter">$query</code></span> )</div> <p class="para rdfs-comment"> <span class="function"><strong>pg_query()</strong></span> executes the <em><code class="parameter">query</code></em> on the specified database <em><code class="parameter">connection</code></em>. <span class="function"><a href="function.pg-query-params.html" class="function">pg_query_params()</a></span> should be preferred in most cases. </p> <p class="para"> If an error occurs, and <strong><code>FALSE</code></strong> is returned, details of the error can be retrieved using the <span class="function"><a href="function.pg-last-error.html" class="function">pg_last_error()</a></span> function if the connection is valid. </p> <p class="para"> <blockquote class="note"><p><strong class="note">Note</strong>: <span class="simpara"> Although <em><code class="parameter">connection</code></em> can be omitted, it is not recommended, since it can be the cause of hard to find bugs in scripts. </span> </p></blockquote> </p> <blockquote class="note"><p><strong class="note">Note</strong>: <p class="para"> This function used to be called <span class="function"><strong>pg_exec()</strong></span>. <span class="function"><strong>pg_exec()</strong></span> is still available for compatibility reasons, but users are encouraged to use the newer name. </p> </p></blockquote> </div> <div class="refsect1 parameters" id="refsect1-function.pg-query-parameters"> <h3 class="title">Parameters</h3> <p class="para"> <dl> <dt> <span class="term"><em><code class="parameter">connection</code></em></span> <dd> <p class="para"> PostgreSQL database connection resource. When <em><code class="parameter">connection</code></em> is not present, the default connection is used. The default connection is the last connection made by <span class="function"><a href="function.pg-connect.html" class="function">pg_connect()</a></span> or <span class="function"><a href="function.pg-pconnect.html" class="function">pg_pconnect()</a></span>. </p> </dd> </dt> <dt> <span class="term"><em><code class="parameter">query</code></em></span> <dd> <p class="para"> The SQL statement or statements to be executed. When multiple statements are passed to the function, they are automatically executed as one transaction, unless there are explicit BEGIN/COMMIT commands included in the query string. However, using multiple transactions in one function call is not recommended. </p> <div class="warning"><strong class="warning">Warning</strong> <p class="para"> String interpolation of user-supplied data is extremely dangerous and is likely to lead to <a href="security.database.sql-injection.html" class="link">SQL injection</a> vulnerabilities. In most cases <span class="function"><a href="function.pg-query-params.html" class="function">pg_query_params()</a></span> should be preferred, passing user-supplied values as parameters rather than substituting them into the query string. </p> <p class="para"> Any user-supplied data substituted directly into a query string should be <a href="function.pg-escape-string.html" class="link">properly escaped</a>. </p> </div> </dd> </dt> </dl> </p> </div> <div class="refsect1 returnvalues" id="refsect1-function.pg-query-returnvalues"> <h3 class="title">Return Values</h3> <p class="para"> A query result resource on success or <strong><code>FALSE</code></strong> on failure. </p> </div> <div class="refsect1 examples" id="refsect1-function.pg-query-examples"> <h3 class="title">Examples</h3> <p class="para"> <div class="example" id="example-2110"> <p><strong>Example #1 <span class="function"><strong>pg_query()</strong></span> example</strong></p> <div class="example-contents"> <div class="phpcode"><code><span style="color: #000000"> <span style="color: #0000BB"><?php<br /><br />$conn </span><span style="color: #007700">= </span><span style="color: #0000BB">pg_pconnect</span><span style="color: #007700">(</span><span style="color: #DD0000">"dbname=publisher"</span><span style="color: #007700">);<br />if (!</span><span style="color: #0000BB">$conn</span><span style="color: #007700">) {<br /> echo </span><span style="color: #DD0000">"An error occurred.\n"</span><span style="color: #007700">;<br /> exit;<br />}<br /><br /></span><span style="color: #0000BB">$result </span><span style="color: #007700">= </span><span style="color: #0000BB">pg_query</span><span style="color: #007700">(</span><span style="color: #0000BB">$conn</span><span style="color: #007700">, </span><span style="color: #DD0000">"SELECT author, email FROM authors"</span><span style="color: #007700">);<br />if (!</span><span style="color: #0000BB">$result</span><span style="color: #007700">) {<br /> echo </span><span style="color: #DD0000">"An error occurred.\n"</span><span style="color: #007700">;<br /> exit;<br />}<br /><br />while (</span><span style="color: #0000BB">$row </span><span style="color: #007700">= </span><span style="color: #0000BB">pg_fetch_row</span><span style="color: #007700">(</span><span style="color: #0000BB">$result</span><span style="color: #007700">)) {<br /> echo </span><span style="color: #DD0000">"Author: </span><span style="color: #0000BB">$row</span><span style="color: #007700">[</span><span style="color: #0000BB">0</span><span style="color: #007700">]</span><span style="color: #DD0000"> E-mail: </span><span style="color: #0000BB">$row</span><span style="color: #007700">[</span><span style="color: #0000BB">1</span><span style="color: #007700">]</span><span style="color: #DD0000">"</span><span style="color: #007700">;<br /> echo </span><span style="color: #DD0000">"<br />\n"</span><span style="color: #007700">;<br />}<br /> <br /></span><span style="color: #0000BB">?></span> </span> </code></div> </div> </div> </p> <p class="para"> <div class="example" id="example-2111"> <p><strong>Example #2 Using <span class="function"><strong>pg_query()</strong></span> with multiple statements</strong></p> <div class="example-contents"> <div class="phpcode"><code><span style="color: #000000"> <span style="color: #0000BB"><?php<br /><br />$conn </span><span style="color: #007700">= </span><span style="color: #0000BB">pg_pconnect</span><span style="color: #007700">(</span><span style="color: #DD0000">"dbname=publisher"</span><span style="color: #007700">);<br /><br /></span><span style="color: #FF8000">// these statements will be executed as one transaction<br /><br /></span><span style="color: #0000BB">$query </span><span style="color: #007700">= </span><span style="color: #DD0000">"UPDATE authors SET author=UPPER(author) WHERE id=1;"</span><span style="color: #007700">;<br /></span><span style="color: #0000BB">$query </span><span style="color: #007700">.= </span><span style="color: #DD0000">"UPDATE authors SET author=LOWER(author) WHERE id=2;"</span><span style="color: #007700">;<br /></span><span style="color: #0000BB">$query </span><span style="color: #007700">.= </span><span style="color: #DD0000">"UPDATE authors SET author=NULL WHERE id=3;"</span><span style="color: #007700">;<br /><br /></span><span style="color: #0000BB">pg_query</span><span style="color: #007700">(</span><span style="color: #0000BB">$conn</span><span style="color: #007700">, </span><span style="color: #0000BB">$query</span><span style="color: #007700">);<br /><br /></span><span style="color: #0000BB">?></span> </span> </code></div> </div> </div> </p> </div> <div class="refsect1 seealso" id="refsect1-function.pg-query-seealso"> <h3 class="title">See Also</h3> <p class="para"> <ul class="simplelist"> <li class="member"> <span class="function"><a href="function.pg-connect.html" class="function" rel="rdfs-seeAlso">pg_connect()</a> - Open a PostgreSQL connection</span></li> <li class="member"> <span class="function"><a href="function.pg-pconnect.html" class="function" rel="rdfs-seeAlso">pg_pconnect()</a> - Open a persistent PostgreSQL connection</span></li> <li class="member"> <span class="function"><a href="function.pg-fetch-array.html" class="function" rel="rdfs-seeAlso">pg_fetch_array()</a> - Fetch a row as an array</span></li> <li class="member"> <span class="function"><a href="function.pg-fetch-object.html" class="function" rel="rdfs-seeAlso">pg_fetch_object()</a> - Fetch a row as an object</span></li> <li class="member"> <span class="function"><a href="function.pg-num-rows.html" class="function" rel="rdfs-seeAlso">pg_num_rows()</a> - Returns the number of rows in a result</span></li> <li class="member"> <span class="function"><a href="function.pg-affected-rows.html" class="function" rel="rdfs-seeAlso">pg_affected_rows()</a> - Returns number of affected records (tuples)</span></li> </ul> </p> </div> </div><hr /><div class="manualnavbar" style="text-align: center;"> <div class="prev" style="text-align: left; float: left;"><a href="function.pg-query-params.html">pg_query_params</a></div> <div class="next" style="text-align: right; float: right;"><a href="function.pg-result-error-field.html">pg_result_error_field</a></div> <div class="up"><a href="ref.pgsql.html">PostgreSQL Functions</a></div> <div class="home"><a href="index.html">PHP Manual</a></div> </div></body></html>