public function Connection::escapeField in Drupal 8
Same name in this branch
- 8 core/lib/Drupal/Core/Database/Connection.php \Drupal\Core\Database\Connection::escapeField()
- 8 core/lib/Drupal/Core/Database/Driver/pgsql/Connection.php \Drupal\Core\Database\Driver\pgsql\Connection::escapeField()
- 8 core/lib/Drupal/Core/Database/Driver/mysql/Connection.php \Drupal\Core\Database\Driver\mysql\Connection::escapeField()
Escapes a field name string.
Force all field names to be strictly alphanumeric-plus-underscore. For some database drivers, it may also wrap the field name in database-specific escape characters.
Parameters
string $field: An unsanitized field name.
Return value
string The sanitized field name.
Overrides Connection::escapeField
File
- core/
lib/ Drupal/ Core/ Database/ Driver/ pgsql/ Connection.php, line 229
Class
- Connection
- PostgreSQL implementation of \Drupal\Core\Database\Connection.
Namespace
Drupal\Core\Database\Driver\pgsqlCode
public function escapeField($field) {
$escaped = parent::escapeField($field);
// Remove any invalid start character.
$escaped = preg_replace('/^[^A-Za-z0-9_]/', '', $escaped);
// The pgsql database driver does not support field names that contain
// periods (supported by PostgreSQL server) because this method may be
// called by a field with a table alias as part of SQL conditions or
// order by statements. This will consider a period as a table alias
// identifier, and split the string at the first period.
if (preg_match('/^([A-Za-z0-9_]+)"?[.]"?([A-Za-z0-9_.]+)/', $escaped, $parts)) {
$table = $parts[1];
$column = $parts[2];
// Use escape alias because escapeField may contain multiple periods that
// need to be escaped.
$escaped = $this
->escapeTable($table) . '.' . $this
->escapeAlias($column);
}
else {
$escaped = $this
->doEscape($escaped);
}
return $escaped;
}