PHP Function PG_Execute

php function pg_execute is an important part of any php script that connects to postgreSQL database server. The function prepares SQL statements to be sent to the database server, allowing commands that will be used repeatedly to be parsed and planned once and then combined with parameter values each time they are executed. This helps limit the risk of SQL injection attacks.

The function pg_prepare() creates a prepared statement that is ready to be sent to the database server when you call pg_execute() or pg_send_execute(). The statement must contain a single SQL command and may contain a? or a named parameter like :name. You must pass in the parameter values that will be used with the prepared statement, or it will not work. This function is supported only for connections to PostgreSQL version 7.4 and higher.

When you call pg_execute(), it sends the parameterized SQL statement to the PostgreSQL database specified by connection (which must be a valid connection returned by pg_connect() or pg_pconnect()). If the query is successful, an PgSqlResult instance is returned. If there is an error, details about the error can be retrieved by using the pg_get_errormessage() function.

In addition, you can use pg_result_error_field() to return an individual field of an error report. Also, you can use pg_result_seek() to move the internal row offset in the result resource returned by a call to pg_query(), pg_query_params() or pg_execute(). This is especially useful when you need to retrieve the results of large queries that may require a lot of memory.