(PHP 4 >= 4.3.0, PHP 5)
pg_insert — Insert array into table
$connection
, string $table_name
, array $assoc_array
[, int $options = PGSQL_DML_EXEC
] )
pg_insert() inserts the values of assoc_array
into the table specified by table_name.
If options is
specified, pg_convert() is applied
to assoc_array with the specified options.
connectionPostgreSQL database connection resource.
table_name
Name of the table into which to insert rows. The table table_name must at least
have as many columns as assoc_array has elements.
assoc_array
An array whose keys are field names in the table table_name,
and whose values are the values of those fields that are to be inserted.
options
Any number of PGSQL_CONV_OPTS,
PGSQL_DML_NO_CONV,
PGSQL_DML_ESCAPE,
PGSQL_DML_EXEC,
PGSQL_DML_ASYNC or
PGSQL_DML_STRING combined. If PGSQL_DML_STRING is part of the
options then query string is returned. When PGSQL_DML_NO_CONV
or PGSQL_DML_ESCAPE is set, it does not call pg_convert() internally.
Returns TRUE on success or FALSE on failure. Returns string if PGSQL_DML_STRING is passed
via options.
Example #1 pg_insert() example
<?php
$dbconn = pg_connect('dbname=foo');
// This is safe, since $_POST is converted automatically
$res = pg_insert($dbconn, 'post_log', $_POST);
if ($res) {
echo "POST data is successfully logged\n";
} else {
echo "User must have sent wrong inputs\n";
}
?>
| Version | Description |
|---|---|
| 5.6.0 |
No longer experimental. Added PGSQL_DML_ESCAPE constant,
TRUE/FALSE and NULL data type support.
|
| 5.5.3/5.4.19 |
Direct SQL injection to table_name and Indirect SQL
injection to identifiers are fixed.
|