You are here

Home » API reference » Forena Reports 7.4 » FrxPDO.inc » FrxPDO

public function FrxPDO::quote in Forena Reports 7.4

Same name and namespace in other branches
  1. 6.2 plugins/FrxPDO.inc \FrxPDO::quote()
  2. 7.2 plugins/FrxPDO.inc \FrxPDO::quote()
  3. 7.3 plugins/FrxPDO.inc \FrxPDO::quote()

Wrapper method cause some ODBC providers do not support quoting. We're going to assume the MSSQL method of quoting.

Parameters

$value:

1 call to FrxPDO::quote()
FrxPDO::format in plugins/FrxPDO.inc
Implement custom SQL formatter to make sure that strings are properly escaped. Ideally we'd replace this with something that handles prepared statements, but it wouldn't work for

File

plugins/FrxPDO.inc, line 166
General database engine used to do sql queries.

Class

FrxPDO
@file General database engine used to do sql queries.

Code

public function quote($value) {
  $new_value = $this->db
    ->quote($value);
  if (($value !== '' || $value !== NULL) && !$new_value) {
    $value = "'" . str_replace("'", "''", $value) . "'";
  }
  else {
    $value = $new_value;
  }
  return $value;
}