W3cubDocs

/Drupal 8

public function Connection::escapeTable

public Connection::escapeTable($table)

Escapes a table name string.

Force all table names to be strictly alphanumeric-plus-underscore. For some database drivers, it may also wrap the table name in database-specific escape characters.

Parameters

string $table: An unsanitized table name.

Return value

string The sanitized table name.

File

core/lib/Drupal/Core/Database/Connection.php, line 944

Class

Connection
Base Database API class.

Namespace

Drupal\Core\Database

Code

public function escapeTable($table) {
  return preg_replace('/[^A-Za-z0-9_.]+/', '', $table);
}

© 2001–2016 by the original authors
Licensed under the GNU General Public License, version 2 and later.
Drupal is a registered trademark of Dries Buytaert.
https://api.drupal.org/api/drupal/core!lib!Drupal!Core!Database!Connection.php/function/Connection::escapeTable/8.1.x