ConFoo 2025

odbc_connection_string_quote

(PHP 8 >= 8.2.0)

odbc_connection_string_quoteQuotes an ODBC connection string value

说明

odbc_connection_string_quote(string $str): string

Quotes a value for a connection string, according to ODBC rules. That is, it will be surrounded by quotes, and any ending curly braces will be escaped. This should be done for any connection string values that come from user input. Not doing so can lead to issues with parsing the connection string, or values being injected into the connection string.

Note that this function does not check if the string is already quoted, nor if the string needs quoting. For that, call odbc_connection_string_is_quoted() and odbc_connection_string_should_quote().

参数

str

The unquoted string.

返回值

A quoted string, surrounded by curly braces, and properly escaped.

示例

示例 #1 odbc_connection_string_quote() example

This example quotes a string, then puts it in a connection string. Note that the string is quoted, and the ending quote character in the middle of the string has been escaped.

<?php
$value
= odbc_connection_string_quote("foo}bar");
$connection_string = "DSN=PHP;UserValue=$value";
echo
$connection_string;
?>

以上示例的输出类似于:

DSN=PHP;UserValue={foo}}bar}

参见

添加备注

用户贡献的备注

此页面尚无用户贡献的备注。
To Top