Home » API reference » database.pgsql.inc

db_escape_string

Versions
4.6 – 6
db_escape_string($text)

Prepare user input for use in a database query, preventing SQL injection attacks. Note: This function requires PostgreSQL 7.2 or later.

Related topics

Database abstraction layer
Allow the use of different database servers using the same code base.

▸ 11 functions call db_escape_string()

▾ 11 functions call db_escape_string()

comment_admin_overview in modules/comment.module
Menu callback; present an administrative comment listing.
comment_save_settings in modules/comment.module
locale_admin_string in modules/locale.module
Page handler for the string search and administration screen
node_load in modules/node.module
Load a node object from the database.
node_save in modules/node.module
Save a node object into the database.
tablesort_sql in includes/tablesort.inc
Create an SQL sort clause.
user_save in modules/user.module
Save changes to a user account.
watchdog_overview in modules/watchdog.module
Menu callback; displays a listing of log messages.
_locale_string_seek in includes/locale.inc
Perform a string search and display results in a table
_taxonomy_prepare_insert in modules/taxonomy.module
_taxonomy_prepare_update in modules/taxonomy.module

Code

includes/database.pgsql.inc, line 230

<?php
function db_escape_string($text) {
  return pg_escape_string($text);
}
?>
Login or register to post comments
 
 

All source code and documentation on this site is released under the terms of the GNU General Public License, version 2 and later. Drupal is a registered trademark of Dries Buytaert.