isAttributeName.php
Table of Contents
Functions
- isAttributeName() : bool
- Checks whether a string is a safe AQL attribute name — or nested attribute path — that can be concatenated into a dot-notation accessor such as `doc.<name>` without any risk of AQL injection.
Functions
isAttributeName()
Checks whether a string is a safe AQL attribute name — or nested attribute path — that can be concatenated into a dot-notation accessor such as `doc.<name>` without any risk of AQL injection.
isAttributeName(mixed $value) : bool
A valid name is one or more identifier segments joined by dots, where each
segment starts with a letter or underscore and continues with letters, digits
or underscores. This is exactly what AQL dot notation accepts unquoted, so any
character able to break out of an attribute path (spaces, operators, quotes,
parentheses, -, ;, …) is rejected.
It is the attribute-path counterpart of isBindVariable() (which guards bind variable names): use it whenever an untrusted identifier — e.g. a facet sub-field name coming from the URL — is interpolated into a query string.
Parameters
- $value : mixed
-
The value to check.
Tags
Return values
bool —True when $value is a safe single or dotted attribute name.