- *
- * @param string $s Sql identifier variable to be escaped/sanitized.
- * @param array/string $whitelist_items Items used in whitelisting method (See function description for details of whitelisting method).
- * Standard use is to use a array. If use a string, then should be regex expression of allowed
- * characters (for example 'a-zA-Z0-9_').
- * @param boolean $die_if_no_match If there is no match in the whitelist, then die and echo an error to screen and log.
- * @param boolean $case_sens_match Use case sensitive match (this is default).
- * @param boolean $throw_exception_if_no_match If there is no match in the whitelist then throw an exception
- * @return string Escaped/sanitized sql identifier variable.
- */
- function escape_identifier($s, $whitelist_items, $die_if_no_match = false, $case_sens_match = true, $throw_exception_if_no_match = false)
- {
- if (is_array($whitelist_items)) {
- // Only return an item within the whitelist_items
- $ok = $whitelist_items;
- // First, search for case sensitive match
- $key = array_search($s, $ok);
- if ($key === false) {
- // No match
- if (!$case_sens_match) {
- // Attempt a case insensitive match