php-doc-en/reference/pgsql/functions/pg-send-query-params.xml


<?xml version="1.0" encoding="iso-8859-1"?>
<!-- $Revision: 1.1 $ -->
<!-- splitted from ./en/functions/pgsql.xml, last change in rev 1.2 -->
<refentry id='function.pg-send-query-params'>
<refnamediv>
<refname>pg_send_query_params</refname>
<refpurpose>
Sends asynchronous query, specifying query variables as separate parameters
</refpurpose>
</refnamediv>
<refsect1 role="description">
&reftitle.description;
<methodsynopsis>
<type>bool</type><methodname>pg_send_query_params</methodname>
<methodparam><type>resource</type><parameter>connection</parameter></methodparam>
<methodparam><type>string</type><parameter>query</parameter></methodparam>
<methodparam><type>array</type><parameter>params</parameter></methodparam>
</methodsynopsis>
<para>
<function>pg_send_query_params</function> works identically to
<function>pg_send_query</function>, except that instead of putting
query parameters directly into the <parameter>query</parameter>
<type>string</type>, placeholders are used and the parameters are
passed in separately. Unlike <function>pg_send_query</function>,
only one non-empty SQL statement can be executed at a time.
</para>
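<para>
Parameters passed in this way are automatically quoted and escaped
if necessary. This is an effective way of improving the security
of your scripts and eliminating the need for manual quoting and
escaping of parameters. Placeholders can only stand in for data
values: identifiers such as table or column names, and SQL keywords,
cannot be supplied as parameters, so any such part of the
<parameter>query</parameter> string must not be built from
untrusted input.
</para>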
<para>Placeholders are indicated in the <parameter>query</parameter>
by $1, $2, $3 and so on. The first element of the
<parameter>params</parameter> array will be substituted for $1, the
second for $2, the third for $3.
</para>
</refsect1>
<refsect1 role="examples">
&reftitle.examples;
<para>
<example>
<title>Using <function>pg_send_query_params</function></title>
<programlisting role="php">
<![CDATA[
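<?php
$dbconn = pg_connect("dbname=publisher") or die("Could not connect");

// Preferred form: the value is passed separately from the SQL text, so it is
// not necessary to quote or escape the parameter.
pg_send_query_params($dbconn, 'select count(*) from authors where city = $1', array('Perth'));

// Collect the pending result(s) before sending another query on the same
// connection; pg_get_result() returns false once nothing is left.
while ($result = pg_get_result($dbconn)) {
    // ... read rows from $result here ...
    pg_free_result($result);
}

// Compare against basic pg_send_query usage. Here the value is spliced into
// the SQL string, so it must be escaped by hand on every call. Escaping
// depends on the connection's settings, so the connection is passed explicitly.
$str = pg_escape_string($dbconn, 'Perth');
pg_send_query($dbconn, "select count(*) from authors where city = '{$str}'");
?>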
]]>
</programlisting>
</example>
</para>
</refsect1>
<refsect1 role="seealso">
&reftitle.seealso;
<para>
<simplelist>
<member><function>pg_send_query</function></member>
<member><function>pg_connect</function></member>
<member><function>pg_escape_string</function></member>
</simplelist>
</para>
</refsect1>
</refentry>
<!-- Keep this comment at the end of the file
Local variables:
mode: sgml
sgml-omittag:t
sgml-shorttag:t
sgml-minimize-attributes:nil
sgml-always-quote-attributes:t
sgml-indent-step:1
sgml-indent-data:t
indent-tabs-mode:nil
sgml-parent-document:nil
sgml-default-dtd-file:"../../../../manual.ced"
sgml-exposed-tags:nil
sgml-local-catalogs:nil
sgml-local-ecat-files:nil
End:
vim600: syn=xml fen fdm=syntax fdl=2 si
vim: et tw=78 syn=sgml
vi: ts=1 sw=1
-->