PHP resource::quote方法代码示例

 function q_str($value, $addquote = true)
 {
     if (!$this->conn) {
         $this->connect();
     }
     if (is_bool($value)) {
         return $value ? 1 : 0;
     }
     if (is_null($value)) {
         return 'NULL';
     }
     $value = stripslashes($value);
     if ($this->type == "PDO") {
         if ($addquote) {
             return $this->conn->quote($value);
         } else {
             return $value;
         }
     } else {
         if ($this->type == "SQLite3") {
             $value = $this->conn->escapeString($value);
             return $addquote ? "'" . $value . "'" : $value;
         } else {
             $value = sqlite_escape_string($value);
             return $addquote ? "'" . $value . "'" : $value;
         }
     }
 }

 /**
  * Quote Trusted Value
  *
  * The ability to quote values without notices
  *
  * @param $value
  * @return mixed
  */
 public function quoteTrustedValue($value)
 {
     if ($this->resource instanceof \PDO) {
         return $this->resource->quote($value);
     }
     return '\'' . str_replace('\'', '\'\'', $value) . '\'';
 }

 /**
  * Add items on the database
  *
  * @param Integer $feed_id ToDo desc
  * @param Array   $items   ToDo desc
  *
  * @return void
  */
 public function addItems($feed_id, $items)
 {
     if (empty($items)) {
         return;
     }
     $items = array_slice($items, 0, intval($this->getConfig('FeedTicker.itemsLimit', 5)));
     $dli = intval($this->getConfig('FeedTicker.dateLimit', 60 * 60 * 24 * 7));
     $dateLimit = time() - $dli;
     $q = $this->db->prepare('INSERT INTO ft_items (
             feed_id, updated, title, link, author, read
         ) VALUES (
             :feed_id, :updated, :title, :link, :author, :read
         )');
     foreach ($items as $i) {
         if (!empty($i['updated']) and $i['updated'] < $dateLimit) {
             continue;
         }
         // Check if this item already exists
         $sql = 'SELECT COUNT(*) FROM ft_items WHERE feed_id = ' . $this->db->quote($feed_id) . ' AND link = ' . $this->db->quote(trim($i['link']));
         $opa = $this->db->query($sql)->fetchColumn();
         if ((bool) $this->db->query($sql)->fetchColumn()) {
             continue;
         }
         $q->execute(array(':feed_id' => $feed_id, ':updated' => trim($i['updated']), ':title' => trim($i['title']), ':link' => trim($i['link']), ':author' => trim($i['author']), ':read' => 0));
     }
 }

 /**
  * {@inheritDoc}
  *
  * @param string $str  string to escape
  * @return string a string which is safe to insert into the db
  */
 function escapeString($str)
 {
     return substr($this->pdo->quote($str), 1, -1);
     /*
         pdo->quote adds quotes around string rather than
         just escape. As existing code then adds an additional
         pair of quotes we need to strip inner quotes
     */
 }

 /**
  * Quote Trusted Value
  *
  * The ability to quote values without notices
  *
  * @param $value
  * @return mixed
  */
 public function quoteTrustedValue($value)
 {
     if (is_resource($this->resource)) {
         return '\'' . pg_escape_string($this->resource, $value) . '\'';
     }
     if ($this->resource instanceof \PDO) {
         return $this->resource->quote($value);
     }
     return '\'' . addcslashes($value, "\n\r\\'\"") . '\'';
 }

 /**
  * 转义字符串
  *
  * @param string $value
  * @return mixed
  */
 function qstr($value)
 {
     if (is_bool($value)) {
         return $value ? $this->TRUE_VALUE : $this->FALSE_VALUE;
     }
     if (is_null($value)) {
         return $this->NULL_VALUE;
     }
     return $this->conn->quote($value);
 }

 /**
  * Add escape characters for importing data
  *
  * @param string $str String to parse
  * @return string
  */
 public function escapeString($string)
 {
     try {
         $string = $this->connection->quote($string);
         return substr($string, 1, -1);
     } catch (PDOException $e) {
         $this->_loadError($link, $e);
     }
     return false;
 }

 /**
  * {@inheritDoc}
  */
 public function quoteTrustedValue($value)
 {
     if ($this->resource instanceof DriverInterface) {
         $this->resource = $this->resource->getConnection()->getResource();
     }
     if ($this->resource instanceof \PDO) {
         return $this->resource->quote($value);
     }
     return '\'' . str_replace('\'', '\'\'', $value) . '\'';
 }

 /**
  * {@inheritDoc}
  */
 public function quoteTrustedValue($value)
 {
     if ($this->resource instanceof DriverInterface) {
         $this->resource = $this->resource->getConnection()->getResource();
     }
     if (is_resource($this->resource)) {
         return '\'' . pg_escape_string($this->resource, $value) . '\'';
     }
     if ($this->resource instanceof \PDO) {
         return $this->resource->quote($value);
     }
     return 'E' . parent::quoteTrustedValue($value);
 }

 public function escape($string)
 {
     if (get_magic_quotes_runtime()) {
         $string = stripslashes($string);
     }
     if (function_exists($this->db->real_escape_string)) {
         return $this->db->real_escape_string($string);
     } elseif (function_exists($this->db->quote)) {
         return $this->db->quote($string);
     } else {
         return $string;
     }
 }

 /**
  * Quote a string for a quote. Note you should generally use a bind!
  *  @param string $val Value to quote
  *  @param string $type Value type
  *  @return string
  */
 public function quote($val, $type = \PDO::PARAM_STR)
 {
     return $this->_db->quote($val, $type);
 }

 /**
  * Deletes old codes from sqlite database
  */
 protected function purgeOldCodesFromDatabase()
 {
     if ($this->use_database && $this->pdo_conn) {
         $now = time();
         $limit = !is_numeric($this->expiry_time) || $this->expiry_time < 1 ? 86400 : $this->expiry_time;
         $query = sprintf("DELETE FROM %s WHERE %s - created > %s", $this->database_table, $this->pdo_conn->quote($now, PDO::PARAM_INT), $this->pdo_conn->quote($limit, PDO::PARAM_INT));
         $result = $this->pdo_conn->query($query);
     }
 }

/** Save migration status to database
 *
 * @param resource $db DB link
 * @param string $file_name Migration file name
 *
 * @return boolean true on success, false on failure
 */
function migration_save($db, $file_name)
{
    $query = "INSERT INTO migrations (version, apply_time) VALUES(" . $db->quote($file_name, 'text') . "," . $db->quote(time(), 'text') . ")";
    return $db->query($query);
}

 /**
  * escape
  * @param string $sql
  * @param resource $connResource
  * @return string
  */
 public function escape($sql, $connResource)
 {
     // quote返回值带最前面和最后面的单引号, 这里去掉, DbHandler中加
     return trim($connResource->quote($sql), "'");
 }

 /**
  * Quotes a string for use in a query.
  *
  * @param string $string string to quote
  *
  * @return string
  * @deprecated since version 2.6.0 - alpha 3. Switch to doctrine connector.
  */
 public function quote($string)
 {
     $this->deprecated();
     return $this->conn->quote($string);
 }