PHPCon Poland 2024


(PHP 4 >= 4.2.0, PHP 5, PHP 7, PHP 8)

pg_escape_bytea Escape a string for insertion into a bytea field


pg_escape_bytea(PgSql\Connection $connection = ?, string $data): string

pg_escape_bytea() escapes string for bytea datatype. It returns escaped string.


When you SELECT a bytea type, PostgreSQL returns octal byte values prefixed with '\' (e.g. \032). Users are supposed to convert back to binary format manually.

This function requires PostgreSQL 7.2 or later. With PostgreSQL 7.2.0 and 7.2.1, bytea values must be cast when you enable multi-byte support. i.e. INSERT INTO test_table (image) VALUES ('$image_escaped'::bytea); PostgreSQL 7.2.2 or later does not need a cast. The exception is when the client and backend character encoding does not match, and there may be multi-byte stream error. User must then cast to bytea to avoid this error.



An PgSql\Connection instance. When connection is unspecified, the default connection is used. The default connection is the last connection made by pg_connect() or pg_pconnect().


As of PHP 8.1.0, using the default connection is deprecated.


A string containing text or binary data to be inserted into a bytea column.

Return Values

A string containing the escaped data.


Version Description
8.1.0 The connection parameter expects an PgSql\Connection instance now; previously, a resource was expected.


Example #1 pg_escape_bytea() example

// Connect to the database
$dbconn = pg_connect('dbname=foo');

// Read in a binary file
$data = file_get_contents('image1.jpg');

// Escape the binary data
$escaped = pg_escape_bytea($data);

// Insert it into the database
pg_query("INSERT INTO gallery (name, data) VALUES ('Pine trees', '{$escaped}')");

See Also

add a note

User Contributed Notes 7 notes

ynzhang from lakeheadu of ca
15 years ago
The reason pg_unescape_bytea() do not exactly reproduce the binary data created by pg_escape_bytea() is because the backslash \ and single quote ' are double escaped by the pg_escape_bytea() function. This will lead to image seems corrupted when retrieve from the bytea field. The proper way to escape&unescape a binary string into a PG bytea field as follow:

= str_replace(array("\\\\", "''"), array("\\", "'"), pg_escape_bytea($data));
/* and later unescape the escaped data from the bytea field with following to get the original binary data */

$original_data = pg_unescape_bytea($escaped_data));

more details at:
Hayley Watson
6 years ago
PostgreSQL 9.0 introduced a new hexadecimal-based representation for bytea data that is preferred over the escaping mechanism implemented by this function.

function pg_escape_byteahex($binary)
13 years ago
To prevent any problems with encoding you could use hexadecimal or base64 input to save and retrieve data to the database:

// Connect to the database
$dbconn = pg_connect( 'dbname=foo' );

// Read in a binary file
$data = file_get_contents( 'image1.jpg' );

// Escape the binary data
$escaped = bin2hex( $data );

// Insert it into the database
pg_query( "INSERT INTO gallery (name, data) VALUES ('Pine trees', decode('{$escaped}' , 'hex'))" );

// Get the bytea data
$res = pg_query("SELECT encode(data, 'base64') AS data FROM gallery WHERE name='Pine trees'");
$raw = pg_fetch_result($res, 'data');

// Convert to binary and send to the browser
header('Content-type: image/jpeg');
20 years ago
to unescape_bytea use stripcslashes(). If you need to escape bytea and don't have pg_escape_bytea() function then use:

function escByteA($binData) {
* \134 = 92 = backslash, \000 = 00 = NULL, \047 = 39 = Single Quote
* str_replace() replaces the searches array in order. Therefore, we must
* process the 'backslash' character first. If we process it last, it'll
* replace all the escaped backslashes from the other searches that came
* before.
$search = array(chr(92), chr(0), chr(39));
$replace = array('\\\134', '\\\000', '\\\047');
$binData = str_replace($search, $replace, $binData);
//echo "<pre>$binData</pre>";
10 years ago
using pg_escape_bytea without 'E' escape tag
// Die Binärdaten maskieren
$escaped = pg_escape_bytea($data);

// und in die Datenbank einfügen (falsch/wrong)
pg_query("INSERT INTO gallery (name, data) VALUES ('Pine trees', E'$escaped')");

// und in die Datenbank einfügen (richtig/right)
pg_query("INSERT INTO gallery (name, data) VALUES ('Pine trees', '$escaped')");
gglockner AT NOSPAMdwaffler DOT com
14 years ago
If you're getting errors about nonstandard use of \\ in a string literal, then you need to escape the encoded bytea as follows:

= pg_escape_bytea($data);
pg_query("INSERT INTO gallery (name, data) VALUES ('Pine trees', E'$escaped'::bytea)");
php at tobias dot olsson dot be
21 years ago
if you need to change back bytea from the db to normal data, this will do that:

function pg_unescape_bytea($bytea) {
return eval(
"return \"".str_replace('$', '\\$', str_replace('"', '\\"', $bytea))."\";");

// use like this
$rs = pg_query($conn, "SELECT image from images LIMIT 1");
$image = pg_unescape_bytea(pg_fetch_result($rs, 0, 0));

To Top