WeberDev.com -> PHP Manual -> Escape a string for insertion into a text field

Description

string pg_escape_string ([ resource $connection ], string $data )

pg_escape_string() escapes a string for insertion into the database. It returns an escaped string in the PostgreSQL format. Use of this function is recommended instead of addslashes(). If the type of the column is bytea, pg_escape_bytea() must be used instead.

Note: This function requires PostgreSQL 7.2 or later.

Parameters

connection: PostgreSQL database connection resource. When connection is not present, the default connection is used. The default connection is the last connection made by pg_connect() or pg_pconnect().
data: A string containing text to be escaped.

Return Values

A string containing the escaped data.

ChangeLog

Version	Description
5.2.0	`connection` added

Examples

Example #1 pg_escape_string() example

 <?php 
  // Connect to the database
  $dbconn = pg_connect('dbname=foo');
  
  // Read in a text file (containing apostrophes and backslashes)
  $data = file_get_contents('letter.txt');
  
  // Escape the text data
  $escaped = pg_escape_string($data);
  
  // Insert it into the database
  pg_query("INSERT INTO correspondence (name, data) VALUES ('My letter', '{$escaped}')");
?>

pg_escape_string

Description

Parameters

Return Values

ChangeLog

Examples

See Also