Driver_Database_Driver_Postgre::escape

Sanitize a string by escaping characters that could cause an SQL injection attack.

$value = $db->escape('any string');

string Driver_Database_Driver_Postgre::escape( string $value )

参数列表

参数类型描述默认值

$value string Value to quote

参数	类型	描述	默认值
`$value`	`string`	Value to quote

返回值

string

File: ./drivers/database/postgre/postgre.class.php

387
388
389
390
391
392
393
394
395
396
397
398
399
400
401
402
403
404
405
406
407
408
409
410
411
412
413 public function escape($value)
{
    $this->_change_charset($value);
 
    if (is_array($value))
    {
        foreach ($value as $key => $val)
        {
            $value[$key] = $this->escape($val);
        }
        return $value;
    }
    elseif (is_string($value) || (is_object($value) && method_exists($value, '__toString')))
    {
        return "'". pg_escape_string($value) ."'";
    }
    elseif (is_bool($value))
    {
        return ($value === false) ? 0 : 1;
    }
    elseif ($value === null)
    {
        return 'NULL';
    }
 
    return $value;
}