Home

db_query

Definition

db_query($query)
includes/database.inc, line 144

Description

Runs a basic query in the active database.

User-supplied arguments to the query should be passed in as separate parameters so that they can be properly escaped to avoid SQL injection attacks.

Parameters

$query A string containing an SQL query.

... A variable number of arguments which are substituted into the query using printf) syntax. Instead of a variable number of query arguments, you may also pass a single array containing the query arguments.

Return value

A database query result resource, or FALSE if the query was not executed correctly.

Related topics

Namesort iconDescription
Database abstraction layerAllow the use of different database servers using the same code base.

Code

<?php
function db_query($query) {
  $args = func_get_args();
  $query = db_prefix_tables($query);
  if (count($args) > 1) {
    if (is_array($args[1])) {
      $args = array_merge(array($query), $args[1]);
    }
    $args = array_map('db_escape_string', $args);
    $args[0] = $query;
    $query = call_user_func_array('sprintf', $args);
  }
  return _db_query($query);
}
?>
 
 

All source code and documentation on this site is released under the terms of the GNU General Public License, version 2 and later. Drupal is a registered trademark of Dries Buytaert.