pg_query

(PHP 4 >= 4.2.0, PHP 5, PHP 7, PHP 8)

pg_queryExecute a query

Description

pg_query(PgSql\Connection $connection = ?, string $query): PgSql\Result|false

pg_query() executes the query on the specified database connection. pg_query_params() should be preferred in most cases.

If an error occurs, and false is returned, details of the error can be retrieved using the pg_last_error() function if the connection is valid.

Note: Although connection can be omitted, it is not recommended, since it can be the cause of hard to find bugs in scripts.

Note:

This function used to be called pg_exec(). pg_exec() is still available for compatibility reasons, but users are encouraged to use the newer name.

Parameters

connection

An PgSql\Connection instance. When connection is unspecified, the default connection is used. The default connection is the last connection made by pg_connect() or pg_pconnect().

Warning

As of PHP 8.1.0, using the default connection is deprecated.

query

The SQL statement or statements to be executed. When multiple statements are passed to the function, they are automatically executed as one transaction, unless there are explicit BEGIN/COMMIT commands included in the query string. However, using multiple transactions in one function call is not recommended.

Warning

String interpolation of user-supplied data is extremely dangerous and is likely to lead to SQL injection vulnerabilities. In most cases pg_query_params() should be preferred, passing user-supplied values as parameters rather than substituting them into the query string.

Any user-supplied data substituted directly into a query string should be properly escaped.

Return Values

An PgSql\Result instance on success, or false on failure.

Changelog

Version Description
8.1.0 Returns an PgSql\Result instance now; previously, a resource was returned.
8.1.0 The connection parameter expects an PgSql\Connection instance now; previously, a resource was expected.

Examples

Example #1 pg_query() example

<?php

$conn
= pg_pconnect("dbname=publisher");
if (!
$conn) {
echo
"An error occurred.\n";
exit;
}

$result = pg_query($conn, "SELECT author, email FROM authors");
if (!
$result) {
echo
"An error occurred.\n";
exit;
}

while (
$row = pg_fetch_row($result)) {
echo
"Author: $row[0] E-mail: $row[1]";
echo
"<br />\n";
}

?>

Example #2 Using pg_query() with multiple statements

<?php

$conn
= pg_pconnect("dbname=publisher");

// these statements will be executed as one transaction

$query = "UPDATE authors SET author=UPPER(author) WHERE id=1;";
$query .= "UPDATE authors SET author=LOWER(author) WHERE id=2;";
$query .= "UPDATE authors SET author=NULL WHERE id=3;";

pg_query($conn, $query);

?>

See Also

add a note

User Contributed Notes 9 notes

up
5
a dot mcruer at live dot com
11 years ago
A quick note for novice users: when gathering input from fields on a web form that maintains a database connection, *never* use pg_query to do queries from the field. Always sanitize input using pg_prepare and pg_execute.
up
4
zoli at makettinfo.hu
18 years ago
It would be better this way:

<?php
$result
=pg_query($conn, "SELECT COUNT(*) AS rows FROM x WHERE a=b;");
if (!
$result) {
echo
"query did not execute";
}
if (
$line = pg_fetch_assoc($result)) {
if (
$line['rows'] == 0) {
echo
"0 records"
}
}
else {
while (
$row = pg_fetch_array($result)) {
//do stuff with $row
}
}
?>

This solution doesn't raise the load of the system with the move of matching rows (perhaps 0,1, perhaps 100, 1000, ... rows)
up
4
jsuzuki at spamcop dot net
19 years ago
expanding on the note left by "cmoore" -

To check to see if the recordset returned no records,

<?php
$result
=pg_query($conn, "SELECT * FROM x WHERE a=b;");
if (!
$result) {
echo
"query did not execute";
}
$rs = pg_fetch_assoc($result);
if (!
$rs) {
echo
"0 records"
}
?>

-jack
up
2
mentat at azsoft dot pl
22 years ago
$GLOBALS["PG_CONNECT"]=pg_connect(...);
....

function query ($sqlQuery,$var=0) {
if (!$GLOBALS["PG_CONNECT"]) return 0;
$lev=error_reporting (8); //NO WARRING!!
$result=pg_query ($sqlQuery);
error_reporting ($lev); //DEFAULT!!
if (strlen ($r=pg_last_error ($GLOBALS["PG_CONNECT"]))) {
if ($var) {
echo "<p color=\"red\">ERROR:<pre>";
echo $sqlQuery;
echo "</pre>";
echo $r;
echo "&lt/p>";
}
close_db ();
return 0;
}
return $result;
}
up
1
cmoore
19 years ago
One thing to note that wasn't obvious to me at first. If your query returns zero rows, that is not a "failed" query. So the following is wrong:
$result=pg_query($conn, "SELECT * FROM x WHERE a=b;");
if (!$result) {
echo "No a=b in x\n";
}

pg_query returns FALSE if the query can not be executed for some reason. If the query is executed but returns zero rows then you get back a resul with no rows.
up
0
mankyd
18 years ago
There was a typo in the code that I posted:

<?php
$result
=pg_query($conn, "SELECT * FROM x WHERE a=b;");
if (!
$result) {
echo
"query did not execute";
}
if (
pg_num_rows($result) == 0) {
echo
"0 records"
}
else {
while (
$row = pg_fetch_array($result)) {
//do stuff with $row
}
}
?>
up
-1
Akbar
20 years ago
Use pg_query to call your stored procedures, and use pg_fetch_result when getting a value (like a smallint as in this example) returned by your stored procedure.

<?php
$pgConnection
= pg_connect("dbname=users user=me");

$userNameToCheckFor = "metal";

$result = pg_query($pgConnection, "SELECT howManyUsersHaveThisName('$userNameToCheckFor')");

$count = pg_fetch_result($result, 0, 'howManyUsersHaveThisName');
?>
up
-2
mankyd
18 years ago
Improving upon what jsuzuki said:

It's probably better to use pg_num_rows() to see if no rows were returned, as that leaves the resultset cursor pointed to the first row so you can use it in a loop.

Example:

<?php
$result
=pg_query($conn, "SELECT * FROM x WHERE a=b;");
if (!
$result) {
echo
"query did not execute";
}
if (
pg_num_rows($result) == 0) {
echo
"0 records"
}
else {
while (
$row = pg_fetch_array($result) {
//do stuff with $row
}
}
?>

I, personally, also find it more readable.
up
-2
Anonymous
11 years ago
Here is my small function to make it easier for me to use data from select queries (attention, it is sensitive to sql injection)
<?php
function requestToDB($connection,$request){
if(!
$result=pg_query($connection,$request)){
return
False;
}
$combined=array();
while (
$row = pg_fetch_assoc($result)) {
$combined[]=$row;
}
return
$combined;
}
?>

Example:
<?php
$conn
= pg_pconnect("dbname=mydatabase");

$results=requestToDB($connect,"select * from mytable");

//You can now access a "cell" of your table like this:
$rownumber=0;
$columname="mycolumn";

$mycell=$results[$rownumber][$columname];
var_dump($mycell);
To Top