public Connection::escapeField($field)
Escapes a field name string.
Force all field names to be strictly alphanumeric-plus-underscore. For some database drivers, it may also wrap the field name in database-specific escape characters.
Parameters
string $field: An unsanitized field name.
Return value
string The sanitized field name.
Overrides Connection::escapeField
File
- core/lib/Drupal/Core/Database/Driver/pgsql/Connection.php, line 194
Class
- Connection
- PostgreSQL implementation of \Drupal\Core\Database\Connection.
Namespace
Drupal\Core\Database\Driver\pgsql
Code
1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 | public function escapeField($field) { $escaped = parent::escapeField($field); // Remove any invalid start character. $escaped = preg_replace('/^[^A-Za-z0-9_]/', '', $escaped); // The pgsql database driver does not support field names that contain // periods (supported by PostgreSQL server) because this method may be // called by a field with a table alias as part of SQL conditions or // order by statements. This will consider a period as a table alias // identifier, and split the string at the first period. if (preg_match('/^([A-Za-z0-9_]+)"?[.]"?([A-Za-z0-9_.]+)/', $escaped, $parts)) { $table = $parts[1]; $column = $parts[2]; // Use escape alias because escapeField may contain multiple periods that // need to be escaped. $escaped = $this->escapeTable($table) . '.' . $this->escapeAlias($column); } else { $escaped = $this->doEscape($escaped); } return $escaped;} |
Please login to continue.