选择语言 :

 Driver_Database_Driver_Postgre::escape

Sanitize a string by escaping characters that could cause an SQL injection attack.

$value = $db->escape('any string');

string Driver_Database_Driver_Postgre::escape( string $value )

参数列表

参数 类型 描述 默认值
$value string Value to quote
返回值
  • string
File: ./drivers/database/postgre/postgre.class.php
387
388
389
390
391
392
393
394
395
396
397
398
399
400
401
402
403
404
405
406
407
408
409
410
411
412
413
public function escape($value)
{
    $this->_change_charset($value);
 
    if (is_array($value))
    {
        foreach ($value as $key => $val)
        {
            $value[$key] = $this->escape($val);
        }
        return $value;
    }
    elseif (is_string($value) || (is_object($value) && method_exists($value, '__toString')))
    {
        return "'". pg_escape_string($value) ."'";
    }
    elseif (is_bool($value))
    {
        return ($value === false) ? 0 : 1;
    }
    elseif ($value === null)
    {
        return 'NULL';
    }
 
    return $value;
}