mirror of
https://github.com/sigmasternchen/php-doc-en
synced 2025-03-20 19:08:54 +00:00
180 lines
5.6 KiB
XML
180 lines
5.6 KiB
XML
<?xml version="1.0" encoding="utf-8"?>
|
|
<!-- $Revision$ -->
|
|
<!-- splitted from ./en/functions/pgsql.xml, last change in rev 1.80 -->
|
|
<refentry xml:id="function.pg-select" xmlns="http://docbook.org/ns/docbook">
|
|
<refnamediv>
|
|
<refname>pg_select</refname>
|
|
<refpurpose>
|
|
Select records
|
|
</refpurpose>
|
|
</refnamediv>
|
|
|
|
<refsect1 role="description">
|
|
&reftitle.description;
|
|
<methodsynopsis>
|
|
<type class="union"><type>array</type><type>string</type><type>false</type></type><methodname>pg_select</methodname>
|
|
<methodparam><type>PgSql\Connection</type><parameter>connection</parameter></methodparam>
|
|
<methodparam><type>string</type><parameter>table_name</parameter></methodparam>
|
|
<methodparam><type>array</type><parameter>conditions</parameter></methodparam>
|
|
<methodparam choice="opt"><type>int</type><parameter>flags</parameter><initializer><constant>PGSQL_DML_EXEC</constant></initializer></methodparam>
|
|
<methodparam choice="opt"><type>int</type><parameter>mode</parameter><initializer><constant>PGSQL_ASSOC</constant></initializer></methodparam>
|
|
</methodsynopsis>
|
|
<para>
|
|
<function>pg_select</function> selects records specified by
|
|
<parameter>conditions</parameter> which has
|
|
<literal>field=>value</literal>. For a successful query, it returns an
|
|
array containing all records and fields that match the condition
|
|
specified by <parameter>conditions</parameter>.
|
|
</para>
|
|
<para>If <parameter>flags</parameter> is specified,
|
|
<function>pg_convert</function> is applied to
|
|
<parameter>conditions</parameter> with the specified flags.
|
|
</para>
|
|
<para>
|
|
By default <function>pg_select</function> passes raw values. Values
|
|
must be escaped or PGSQL_DML_ESCAPE option must be
|
|
specified. PGSQL_DML_ESCAPE quotes and escapes
|
|
parameters/identifiers. Therefore, table/column names became case
|
|
sensitive.
|
|
</para>
|
|
<para>
|
|
Note that neither escape nor prepared query can protect LIKE query,
|
|
JSON, Array, Regex, etc. These parameters should be handled
|
|
according to their contexts. i.e. Escape/validate values.
|
|
</para>
|
|
</refsect1>
|
|
|
|
<refsect1 role="parameters">
|
|
&reftitle.parameters;
|
|
<para>
|
|
<variablelist>
|
|
<varlistentry>
|
|
<term><parameter>connection</parameter></term>
|
|
<listitem>
|
|
&pgsql.parameter.connection;
|
|
</listitem>
|
|
</varlistentry>
|
|
<varlistentry>
|
|
<term><parameter>table_name</parameter></term>
|
|
<listitem>
|
|
<para>
|
|
Name of the table from which to select rows.
|
|
</para>
|
|
</listitem>
|
|
</varlistentry>
|
|
<varlistentry>
|
|
<term><parameter>conditions</parameter></term>
|
|
<listitem>
|
|
<para>
|
|
An <type>array</type> whose keys are field names in the table <parameter>table_name</parameter>,
|
|
and whose values are the conditions that a row must meet to be retrieved.
|
|
</para>
|
|
</listitem>
|
|
</varlistentry>
|
|
<varlistentry>
|
|
<term><parameter>flags</parameter></term>
|
|
<listitem>
|
|
<para>
|
|
Any number of <constant>PGSQL_CONV_FORCE_NULL</constant>,
|
|
<constant>PGSQL_DML_NO_CONV</constant>,
|
|
<constant>PGSQL_DML_ESCAPE</constant>,
|
|
<constant>PGSQL_DML_EXEC</constant>,
|
|
<constant>PGSQL_DML_ASYNC</constant> or
|
|
<constant>PGSQL_DML_STRING</constant> combined. If <constant>PGSQL_DML_STRING</constant> is part of the
|
|
<parameter>flags</parameter> then query string is returned. When <constant>PGSQL_DML_NO_CONV</constant>
|
|
or <constant>PGSQL_DML_ESCAPE</constant> is set, it does not call <function>pg_convert</function> internally.
|
|
</para>
|
|
</listitem>
|
|
</varlistentry>
|
|
</variablelist>
|
|
</para>
|
|
</refsect1>
|
|
|
|
<refsect1 role="returnvalues">
|
|
&reftitle.returnvalues;
|
|
<para>
|
|
Returns <type>string</type> if <constant>PGSQL_DML_STRING</constant> is passed
|
|
via <parameter>flags</parameter>, otherwise it returns an <type>array</type> on success, &return.falseforfailure;.
|
|
</para>
|
|
</refsect1>
|
|
|
|
<refsect1 role="changelog">
|
|
&reftitle.changelog;
|
|
<para>
|
|
<informaltable>
|
|
<tgroup cols="2">
|
|
<thead>
|
|
<row>
|
|
<entry>&Version;</entry>
|
|
<entry>&Description;</entry>
|
|
</row>
|
|
</thead>
|
|
<tbody>
|
|
&pgsql.changelog.connection-object;
|
|
<row>
|
|
<entry>7.1.0</entry>
|
|
<entry>
|
|
The <parameter>mode</parameter> parameter was added.
|
|
</entry>
|
|
</row>
|
|
</tbody>
|
|
</tgroup>
|
|
</informaltable>
|
|
</para>
|
|
</refsect1>
|
|
|
|
<refsect1 role="examples">
|
|
&reftitle.examples;
|
|
<para>
|
|
<example>
|
|
<title><function>pg_select</function> example</title>
|
|
<programlisting role="php">
|
|
<![CDATA[
|
|
<?php
|
|
$db = pg_connect('dbname=foo');
|
|
// This is safe somewhat, since all values are escaped.
|
|
// However PostgreSQL supports JSON/Array. These are not
|
|
// safe by neither escape nor prepared query.
|
|
$rec = pg_select($db, 'post_log', $_POST, PG_DML_ESCAPE);
|
|
if ($rec) {
|
|
echo "Records selected\n";
|
|
var_dump($rec);
|
|
} else {
|
|
echo "User must have sent wrong inputs\n";
|
|
}
|
|
?>
|
|
]]>
|
|
</programlisting>
|
|
</example>
|
|
</para>
|
|
</refsect1>
|
|
|
|
<refsect1 role="seealso">
|
|
&reftitle.seealso;
|
|
<para>
|
|
<simplelist>
|
|
<member><function>pg_convert</function></member>
|
|
</simplelist>
|
|
</para>
|
|
</refsect1>
|
|
</refentry>
|
|
<!-- Keep this comment at the end of the file
|
|
Local variables:
|
|
mode: sgml
|
|
sgml-omittag:t
|
|
sgml-shorttag:t
|
|
sgml-minimize-attributes:nil
|
|
sgml-always-quote-attributes:t
|
|
sgml-indent-step:1
|
|
sgml-indent-data:t
|
|
indent-tabs-mode:nil
|
|
sgml-parent-document:nil
|
|
sgml-default-dtd-file:"~/.phpdoc/manual.ced"
|
|
sgml-exposed-tags:nil
|
|
sgml-local-catalogs:nil
|
|
sgml-local-ecat-files:nil
|
|
End:
|
|
vim600: syn=xml fen fdm=syntax fdl=2 si
|
|
vim: et tw=78 syn=sgml
|
|
vi: ts=1 sw=1
|
|
-->
|