本文整理汇总了PHP中pg_escape_literal函数的典型用法代码示例。如果您正苦于以下问题:PHP pg_escape_literal函数的具体用法?PHP pg_escape_literal怎么用?PHP pg_escape_literal使用的例子?那么恭喜您, 这里精选的函数代码示例或许可以为您提供帮助。
在下文中一共展示了pg_escape_literal函数的15个代码示例,这些例子默认根据受欢迎程度排序。您可以为喜欢或者感觉有用的代码点赞,您的评价将有助于系统推荐出更棒的PHP代码示例。
示例1: escapeString
function escapeString($string)
{
self::connect();
if (version_compare(PHP_VERSION, "5.2", "<")) {
return "'" . pg_escape_string($string) . "'";
} else {
if (version_compare(PHP_VERSION, "5.4", "<")) {
return "'" . pg_escape_string($this->connection, $string) . "'";
} else {
return pg_escape_literal($this->connection, $string);
}
}
}示例2: addItemToDB
function addItemToDB($name, $description, $price, $picture = "", $seller = "", $status = 'For sale')
{
$name = pg_escape_literal($name);
$description = pg_escape_literal($description);
$picture = pg_escape_literal($picture);
$seller = pg_escape_literal($seller);
$status = pg_escape_literal($status);
$price = floatval($price);
$query = 'INSERT INTO "items" (name,description,picture,seller,status,price) VALUES (' . "{$name},{$description},{$picture},{$seller},{$status},{$price}) RETURNING id;";
$id = runQuery($query);
runQuery('UPDATE "items" SET postlink = \'/item.php?id=' . $id[0]['id'] . '\' WHERE id = ' . $id[0]['id']);
return $id;
}示例3: esc
public function esc($data, $mode = self::STRING)
{
switch ($mode) {
case "literal":
$data = pg_escape_literal($this->connection, $data);
break;
case "bytea":
$data = pg_escape_bytea($this->connection, $data);
break;
default:
$data = pg_escape_string($this->connection, $data);
break;
}
return $data;
}示例4: setPassword
private function setPassword($password)
{
# Check dependencies
self::dependencies(isset($this->albumIDs));
if (strlen($password) > 0) {
# Get hashed password
$password = getHashedString($password);
# Set hashed password
# Do not prepare $password because it is hashed and save
# Preparing (escaping) the password would destroy the hash
$sql = "UPDATE albums SET password = " . pg_escape_literal($password) . " WHERE id = " . intval($this->albumIDs);
pg_query($db, $sql);
} else {
$sql = "UPDATE albums SET password = NULL WHERE id = " . intval($this->albumIDs);
pg_query($db, $sql);
}
return true;
}示例5: escape_literal
function escape_literal($value)
{
if ($value === NULL) {
return "NULL";
}
if ($value === FALSE) {
return "FALSE";
}
if ($value === TRUE) {
return "TRUE";
}
return pg_escape_literal($value);
}示例6: pg_fetch_row
$regmsg = "An error occurred with the database.\n";
} else {
$insrow = pg_fetch_row($insert);
$_SESSION["managerID"] = $insrow[0];
smartRedirect("tasks.php");
}
}
} else {
$regmsg = "One or more of your inputs were incorrect!";
}
}
if (isset($_POST["signin"])) {
$emailsign = $_POST["emailsign"];
$passsign = $_POST["passsign"];
if (filter_var($emailsign, FILTER_VALIDATE_EMAIL) !== false && preg_match("[a-zA-Z0-9@#\$%^&*_-!?<>]", $passsign) !== false) {
$filtemailsign = pg_escape_literal($emailsign);
$select = pg_query($db, "SELECT id,email,password FROM managers where email={$filtemailsign}");
if (!$select) {
$signmsg = "An error occurred with the database.";
}
if ($row = pg_fetch_row($select)) {
if (password_verify($passsign, $row[2]) !== false) {
$_SESSION["managerID"] = $row[0];
smartRedirect("tasks.php");
} else {
$signmsg = "Wrong password of manager!";
}
} else {
$signmsg = "No manager with such name exists!";
}
} else {示例7: elseif
if ($data === pg_unescape_bytea($row['bin'])) {
echo "pg_escape_bytea() actually works with database\n";
break;
} elseif (!$i) {
// Force bytea escaping and retry
@pg_query($db, "SET bytea_output = 'escape'");
} else {
$result = pg_query($db, $sql);
echo "pg_escape_bytea() is broken\n";
break;
}
}
// pg_escape_literal/pg_escape_identifier
$before = "ABC\\ABC\\'";
$expect = " E'ABC\\\\ABC\\\\'''";
$after = pg_escape_literal($before);
if ($expect === $after) {
echo "pg_escape_literal() is Ok\n";
} else {
echo "pg_escape_literal() is NOT Ok\n";
var_dump($before);
var_dump($after);
var_dump($expect);
}
$before = "ABC\\ABC\\'";
$expect = "\"ABC\\ABC\\'\"";
$after = pg_escape_identifier($before);
if ($expect === $after) {
echo "pg_escape_identifier() is Ok\n";
} else {
echo "pg_escape_identifier() is NOT Ok\n";示例8: escape
/**
* "Smart" Escape String
*
* Escapes data based on type
*
* @param string $str
* @return mixed
*/
public function escape($str)
{
if (is_php('5.4.4') && (is_string($str) or is_object($str) && method_exists($str, '__toString'))) {
return pg_escape_literal($this->conn_id, $str);
} elseif (is_bool($str)) {
return $str ? 'TRUE' : 'FALSE';
}
return parent::escape($str);
}示例9: escapeLiteral
/**
* @param string $literal
*
* @return string
*/
public function escapeLiteral($literal)
{
return pg_escape_literal($this->handler, $literal);
}示例10: instr
/**
* Escape strings array
* @param array $array
* @return string
*/
public function instr(array $array)
{
$array = array_map(function ($value) {
return pg_escape_literal((string) $value);
}, $array);
return sprintf('(%s)', implode(',', $array));
}示例11: insert
public function insert($tablename, array $record)
{
assert(is_string($tablename));
assert(strlen($tablename) > 0);
$columns = "";
$values = "";
// Early exit when creating a row with all default values
if (count($record) == 0) {
return $this->query('INSERT INTO ' . pg_escape_identifier($tablename) . ' DEFAULT VALUES');
}
foreach ($record as $key => $field) {
$columns .= ',' . pg_escape_identifier($key);
if (is_null($field)) {
$values .= ',NULL';
} else {
//if (is_string($field))
//{
// $values .= ',' . pg_escape_literal($field);
//}
//else
if (is_bool($field)) {
// Check for boolean and convert to SQL true or false
if ($field) {
$values .= ',true';
} else {
$values .= ',false';
}
} else {
if (is_array($field)) {
throw new DatabaseException('Insert can not handle array types');
} else {
$values .= ',' . pg_escape_literal($field);
}
}
}
}
$columns = substr($columns, 1);
// chop first ','
$values = substr($values, 1);
$result = $this->query('INSERT INTO ' . pg_escape_identifier($tablename) . ' (' . $columns . ') VALUES (' . $values . ')');
if ($result->affected_rows() != 1) {
throw new DatabaseException('Expected a single row inserted');
}
return $result;
}示例12: escape
function escape($string)
{
return pg_escape_literal($string);
}示例13: pg_escape_literal
} else {
$editmsg = "One or more of your inputs were incorrect!";
}
}
// Code to add a task
if (isset($_POST["addLink"])) {
$addcheck = 0;
$addtitle = $_POST["addtitle"];
$addmember = $_POST["addmem"];
$addstart = $_POST["addstart"];
$addend = $_POST["addend"];
if (preg_match("[a-zA-Z- ]", $addtitle) !== false && $_POST["addend"] > $_POST["addstart"]) {
$filttitle = pg_escape_literal($addtitle);
$filtstart = pg_escape_literal($addstart);
$filtend = pg_escape_literal($addend);
$filtmem = pg_escape_literal($addmember);
$select = pg_query($db, "SELECT title FROM tasks where title={$filttitle}");
if ($row = pg_fetch_row($select)) {
$addmsg = "Task with that title already exists";
} else {
$addcheck = 1;
$insert = pg_query($db, "INSERT into tasks (title,startdate,enddate,status) \n\t\t\t\tVALUES ({$filttitle},{$filtstart},{$filtend}, 1) RETURNING id");
$insrow = pg_fetch_row($insert);
$insert = pg_query($db, "INSERT into taskmembers (task_id,member_id) \n\t\t\t\tVALUES ('{$insrow['0']}',{$filtmem})");
$addmsg = "Task added successfully";
}
} else {
$addmsg = "One or more of your inputs were incorrect!";
}
}
echo '<div class="mid">';示例14: pg_escape_literal
<?php
include 'assets/class.php';
$news_id = pg_escape_literal($_GET['news_id']);
// Not yet implemented in Cobol back-end
// pg_query("DELETE FROM tbl_news WHERE news_id = $news_id LIMIT 1");
$Success->set("Emma, Jessica, Peter och Bertil");
header('location: index.php');示例15: prepareQuery
protected function prepareQuery($query, $params)
{
if (!is_array($params)) {
return $query;
}
reset($params);
$this->modifyQuery($query, function ($part) use(&$params) {
$newPart = "";
while ($pos = strpos($part, "?")) {
$newPart .= substr($part, 0, $pos);
$part = substr($part, $pos + 1);
$value = current($params);
next($params);
switch (gettype($value)) {
case "boolean":
$value = (int) $value;
break;
case "integer":
case "double":
break;
case "NULL":
$value = "NULL";
break;
default:
switch ($this->mode) {
case "mysql":
$value = $this->server->real_escape_string($value);
break;
case "postgres":
case "redshift":
$value = pg_escape_literal($this->server, $value);
break;
case "sqlite":
$value = $this->server->escapeString($value);
break;
case "mssql":
case "odbc":
$value = str_replace("'", "''", $value);
break;
}
# Postgres does it's own quoting
if (!in_array($this->mode, ["postgres", "redshift"], true)) {
$value = "'" . $value . "'";
}
break;
}
$newPart .= $value;
}
return $newPart . $part;
});
return $query;
}