-
Notifications
You must be signed in to change notification settings - Fork 860
Expand file tree
/
Copy pathpg-query.xml
More file actions
198 lines (182 loc) · 5.44 KB
/
pg-query.xml
File metadata and controls
198 lines (182 loc) · 5.44 KB
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182
183
184
185
186
187
188
189
190
191
192
193
194
195
196
197
198
<?xml version="1.0" encoding="utf-8"?>
<!-- $Revision$ -->
<!-- splitted from ./en/functions/pgsql.xml, last change in rev 1.2 -->
<refentry xml:id="function.pg-query" xmlns="http://docbook.org/ns/docbook">
<refnamediv>
<refname>pg_query</refname>
<refpurpose>Execute a query</refpurpose>
</refnamediv>
<refsect1 role="description">
&reftitle.description;
<methodsynopsis>
<type class="union"><type>PgSql\Result</type><type>false</type></type><methodname>pg_query</methodname>
<methodparam choice="opt"><type>PgSql\Connection</type><parameter>connection</parameter></methodparam>
<methodparam><type>string</type><parameter>query</parameter></methodparam>
</methodsynopsis>
<para>
<function>pg_query</function> executes the <parameter>query</parameter>
on the specified database <parameter>connection</parameter>.
<function>pg_query_params</function> should be preferred
in most cases.
</para>
<para>
If an error occurs, and &false; is returned, details of the error can
be retrieved using the <function>pg_last_error</function>
function if the connection is valid.
</para>
<para>
<note>
<simpara>
Although <parameter>connection</parameter> can be omitted, it
is not recommended, since it can be the cause of hard to find
bugs in scripts.
</simpara>
</note>
</para>
<note>
<para>
This function used to be called <function>pg_exec</function>.
<function>pg_exec</function> is still available for compatibility
reasons, but users are encouraged to use the newer name.
</para>
</note>
</refsect1>
<refsect1 role="parameters">
&reftitle.parameters;
<para>
<variablelist>
<varlistentry>
<term><parameter>connection</parameter></term>
<listitem>
&pgsql.parameter.connection-with-unspecified-default;
</listitem>
</varlistentry>
<varlistentry>
<term><parameter>query</parameter></term>
<listitem>
<para>
The SQL statement or statements to be executed. When multiple statements are passed to the function,
they are automatically executed as one transaction, unless there are explicit BEGIN/COMMIT commands
included in the query string. However, using multiple transactions in one function call is not recommended.
</para>
<warning>
<para>
String interpolation of user-supplied data is extremely dangerous and is
likely to lead to <link linkend="security.database.sql-injection">SQL
injection</link> vulnerabilities. In most cases
<function>pg_query_params</function> should be preferred, passing
user-supplied values as parameters rather than substituting them into
the query string.
</para>
<para>
Any user-supplied data substituted directly into a query string should
be <link linkend="function.pg-escape-string">properly escaped</link>.
</para>
</warning>
</listitem>
</varlistentry>
</variablelist>
</para>
</refsect1>
<refsect1 role="returnvalues">
&reftitle.returnvalues;
<para>
An <classname>PgSql\Result</classname> instance on success, &return.falseforfailure;.
</para>
</refsect1>
<refsect1 role="changelog">
&reftitle.changelog;
<informaltable>
<tgroup cols="2">
<thead>
<row>
<entry>&Version;</entry>
<entry>&Description;</entry>
</row>
</thead>
<tbody>
&pgsql.changelog.return-result-object;
&pgsql.changelog.connection-object;
</tbody>
</tgroup>
</informaltable>
</refsect1>
<refsect1 role="examples">
&reftitle.examples;
<para>
<example>
<title><function>pg_query</function> example</title>
<programlisting role="php">
<![CDATA[
<?php
$conn = pg_pconnect("dbname=publisher");
if (!$conn) {
echo "An error occurred.\n";
exit;
}
$result = pg_query($conn, "SELECT author, email FROM authors");
if (!$result) {
echo "An error occurred.\n";
exit;
}
while ($row = pg_fetch_row($result)) {
echo "Author: $row[0] E-mail: $row[1]";
echo "<br />\n";
}
?>
]]>
</programlisting>
</example>
</para>
<para>
<example>
<title>Using <function>pg_query</function> with multiple statements</title>
<programlisting role="php">
<![CDATA[
<?php
$conn = pg_pconnect("dbname=publisher");
// these statements will be executed as one transaction
$query = "UPDATE authors SET author=UPPER(author) WHERE id=1;";
$query .= "UPDATE authors SET author=LOWER(author) WHERE id=2;";
$query .= "UPDATE authors SET author=NULL WHERE id=3;";
pg_query($conn, $query);
?>
]]>
</programlisting>
</example>
</para>
</refsect1>
<refsect1 role="seealso">
&reftitle.seealso;
<para>
<simplelist>
<member><function>pg_connect</function></member>
<member><function>pg_pconnect</function></member>
<member><function>pg_fetch_array</function></member>
<member><function>pg_fetch_object</function></member>
<member><function>pg_num_rows</function></member>
<member><function>pg_affected_rows</function></member>
</simplelist>
</para>
</refsect1>
</refentry>
<!-- Keep this comment at the end of the file
Local variables:
mode: sgml
sgml-omittag:t
sgml-shorttag:t
sgml-minimize-attributes:nil
sgml-always-quote-attributes:t
sgml-indent-step:1
sgml-indent-data:t
indent-tabs-mode:nil
sgml-parent-document:nil
sgml-default-dtd-file:"~/.phpdoc/manual.ced"
sgml-exposed-tags:nil
sgml-local-catalogs:nil
sgml-local-ecat-files:nil
End:
vim600: syn=xml fen fdm=syntax fdl=2 si
vim: et tw=78 syn=sgml
vi: ts=1 sw=1
-->