mirror of
https://github.com/sigmasternchen/php-doc-en
synced 2025-03-24 04:48:55 +00:00
171 lines
5.3 KiB
XML
171 lines
5.3 KiB
XML
<?xml version="1.0" encoding="utf-8"?>
|
|
<!-- $Revision$ -->
|
|
<!-- splitted from ./en/functions/pgsql.xml, last change in rev 1.80 -->
|
|
<refentry xml:id="function.pg-insert" xmlns="http://docbook.org/ns/docbook">
|
|
<refnamediv>
|
|
<refname>pg_insert</refname>
|
|
<refpurpose>
|
|
Insert array into table
|
|
</refpurpose>
|
|
</refnamediv>
|
|
|
|
<refsect1 role="description">
|
|
&reftitle.description;
|
|
<methodsynopsis>
|
|
<type class="union"><type>PgSql\Result</type><type>string</type><type>bool</type></type><methodname>pg_insert</methodname>
|
|
<methodparam><type>PgSql\Connection</type><parameter>connection</parameter></methodparam>
|
|
<methodparam><type>string</type><parameter>table_name</parameter></methodparam>
|
|
<methodparam><type>array</type><parameter>values</parameter></methodparam>
|
|
<methodparam choice="opt"><type>int</type><parameter>flags</parameter><initializer><constant>PGSQL_DML_EXEC</constant></initializer></methodparam>
|
|
</methodsynopsis>
|
|
<para>
|
|
<function>pg_insert</function> inserts the values
|
|
of <parameter>values</parameter> into the table specified
|
|
by <parameter>table_name</parameter>.
|
|
</para>
|
|
<para>
|
|
If <parameter>flags</parameter> is specified,
|
|
<function>pg_convert</function> is applied to
|
|
<parameter>values</parameter> with the specified flags.
|
|
</para>
|
|
<para>
|
|
By default <function>pg_insert</function> passes raw values.
|
|
Values must be escaped or the <constant>PGSQL_DML_ESCAPE</constant> flag
|
|
must be specified in <parameter>flags</parameter>.
|
|
<constant>PGSQL_DML_ESCAPE</constant> quotes and escapes parameters/identifiers.
|
|
Therefore, table/column names become case sensitive.
|
|
</para>
|
|
<para>
|
|
Note that neither escape nor prepared query can protect LIKE query,
|
|
JSON, Array, Regex, etc. These parameters should be handled
|
|
according to their contexts. i.e. Escape/validate values.
|
|
</para>
|
|
</refsect1>
|
|
|
|
<refsect1 role="parameters">
|
|
&reftitle.parameters;
|
|
<para>
|
|
<variablelist>
|
|
<varlistentry>
|
|
<term><parameter>connection</parameter></term>
|
|
<listitem>
|
|
&pgsql.parameter.connection;
|
|
</listitem>
|
|
</varlistentry>
|
|
<varlistentry>
|
|
<term><parameter>table_name</parameter></term>
|
|
<listitem>
|
|
<para>
|
|
Name of the table into which to insert rows. The table <parameter>table_name</parameter> must at least
|
|
have as many columns as <parameter>values</parameter> has elements.
|
|
</para>
|
|
</listitem>
|
|
</varlistentry>
|
|
<varlistentry>
|
|
<term><parameter>values</parameter></term>
|
|
<listitem>
|
|
<para>
|
|
An <type>array</type> whose keys are field names in the table <parameter>table_name</parameter>,
|
|
and whose values are the values of those fields that are to be inserted.
|
|
</para>
|
|
</listitem>
|
|
</varlistentry>
|
|
<varlistentry>
|
|
<term><parameter>flags</parameter></term>
|
|
<listitem>
|
|
<para>
|
|
Any number of <constant>PGSQL_CONV_OPTS</constant>,
|
|
<constant>PGSQL_DML_NO_CONV</constant>,
|
|
<constant>PGSQL_DML_ESCAPE</constant>,
|
|
<constant>PGSQL_DML_EXEC</constant>,
|
|
<constant>PGSQL_DML_ASYNC</constant> or
|
|
<constant>PGSQL_DML_STRING</constant> combined. If <constant>PGSQL_DML_STRING</constant> is part of the
|
|
<parameter>flags</parameter> then query string is returned. When <constant>PGSQL_DML_NO_CONV</constant>
|
|
or <constant>PGSQL_DML_ESCAPE</constant> is set, it does not call <function>pg_convert</function> internally.
|
|
</para>
|
|
</listitem>
|
|
</varlistentry>
|
|
</variablelist>
|
|
</para>
|
|
</refsect1>
|
|
|
|
<refsect1 role="returnvalues">
|
|
&reftitle.returnvalues;
|
|
<para>
|
|
&return.success;. Or returns a &string; on success if <constant>PGSQL_DML_STRING</constant> is passed
|
|
via <parameter>flags</parameter>.
|
|
</para>
|
|
</refsect1>
|
|
|
|
<refsect1 role="changelog">
|
|
&reftitle.changelog;
|
|
<informaltable>
|
|
<tgroup cols="2">
|
|
<thead>
|
|
<row>
|
|
<entry>&Version;</entry>
|
|
<entry>&Description;</entry>
|
|
</row>
|
|
</thead>
|
|
<tbody>
|
|
&pgsql.changelog.return-result-object;
|
|
&pgsql.changelog.connection-object;
|
|
</tbody>
|
|
</tgroup>
|
|
</informaltable>
|
|
</refsect1>
|
|
|
|
<refsect1 role="examples">
|
|
&reftitle.examples;
|
|
<para>
|
|
<example>
|
|
<title><function>pg_insert</function> example</title>
|
|
<programlisting role="php">
|
|
<![CDATA[
|
|
<?php
|
|
$dbconn = pg_connect('dbname=foo');
|
|
// This is safe somewhat, since all values are escaped.
|
|
// However PostgreSQL supports JSON/Array. These are not
|
|
// safe by neither escape nor prepared query.
|
|
$res = pg_insert($dbconn, 'post_log', $_POST, PG_DML_ESCAPE);
|
|
if ($res) {
|
|
echo "POST data is successfully logged\n";
|
|
} else {
|
|
echo "User must have sent wrong inputs\n";
|
|
}
|
|
?>
|
|
]]>
|
|
</programlisting>
|
|
</example>
|
|
</para>
|
|
</refsect1>
|
|
|
|
<refsect1 role="seealso">
|
|
&reftitle.seealso;
|
|
<para>
|
|
<simplelist>
|
|
<member><function>pg_convert</function></member>
|
|
</simplelist>
|
|
</para>
|
|
</refsect1>
|
|
</refentry>
|
|
<!-- Keep this comment at the end of the file
|
|
Local variables:
|
|
mode: sgml
|
|
sgml-omittag:t
|
|
sgml-shorttag:t
|
|
sgml-minimize-attributes:nil
|
|
sgml-always-quote-attributes:t
|
|
sgml-indent-step:1
|
|
sgml-indent-data:t
|
|
indent-tabs-mode:nil
|
|
sgml-parent-document:nil
|
|
sgml-default-dtd-file:"~/.phpdoc/manual.ced"
|
|
sgml-exposed-tags:nil
|
|
sgml-local-catalogs:nil
|
|
sgml-local-ecat-files:nil
|
|
End:
|
|
vim600: syn=xml fen fdm=syntax fdl=2 si
|
|
vim: et tw=78 syn=sgml
|
|
vi: ts=1 sw=1
|
|
-->
|