odbc_connection_string_quote

(PHP 8 >= 8.2.0)

odbc_connection_string_quoteQuotes an ODBC connection string value

说明

odbc_connection_string_quote(string $str): string

Quotes a value for a connection string, according to ODBC rules. That is, it will be surrounded by quotes, and any ending curly braces will be escaped. This should be done for any connection string values that come from user input. Not doing so can lead to issues with parsing the connection string, or values being injected into the connection string.

Note that this function does not check if the string is already quoted, nor if the string needs quoting. For that, call odbc_connection_string_is_quoted() and odbc_connection_string_should_quote().

参数

str

The unquoted string.

返回值

A quoted string, surrounded by curly braces, and properly escaped.

示例

示例 #1 odbc_connection_string_quote() example

This example quotes a string, then puts it in a connection string. Note that the string is quoted, and the ending quote character in the middle of the string has been escaped.

<?php
$value
= odbc_connection_string_quote("foo}bar");
$connection_string = "DSN=PHP;UserValue=$value";
echo
$connection_string;
?>

以上示例的输出类似于:

DSN=PHP;UserValue={foo}}bar}

参见

add a note

User Contributed Notes

There are no user contributed notes for this page.
To Top